e4a11f2b70065be6571f8582a0f3f11dcca20f9158fbead759494b8f2dbf715f | Triage

Sharing

General

Target

2024-10-14_885f6120b3f2f41394a6d7b678a0a3a7_cryptolocker
Size

81KB
Sample

241014-ffkk4atdkl
MD5

885f6120b3f2f41394a6d7b678a0a3a7
SHA1

e4bbcb43cdddbe1682b510e80508237288dbce5a
SHA256

e4a11f2b70065be6571f8582a0f3f11dcca20f9158fbead759494b8f2dbf715f
SHA512

06417bb10cf8d742467ef2368d159eb77581303f7472a37530c579bd77d99b8b1b8659bee43e2cc99d8ac7aaf88095ce7deb49a6e53eea3816bd86b3b14b01bc
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/Rs580gVea:ZVxkGOtEvwDpjchd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-14_885f6120b3f2f41394a6d7b678a0a3a7_cryptolocker
- Size
  
  81KB
- MD5
  
  885f6120b3f2f41394a6d7b678a0a3a7
- SHA1
  
  e4bbcb43cdddbe1682b510e80508237288dbce5a
- SHA256
  
  e4a11f2b70065be6571f8582a0f3f11dcca20f9158fbead759494b8f2dbf715f
- SHA512
  
  06417bb10cf8d742467ef2368d159eb77581303f7472a37530c579bd77d99b8b1b8659bee43e2cc99d8ac7aaf88095ce7deb49a6e53eea3816bd86b3b14b01bc
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/Rs580gVea:ZVxkGOtEvwDpjchd
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2