65e3d50cd003d27ba93f2063e1b6638219280780f054053e2dd7c576eea8aeff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-15_1f7f0f9dd509cbe63a2bc26fda44bd90_cryptolocker
Size

28KB
Sample

241015-aqq8qstgld
MD5

1f7f0f9dd509cbe63a2bc26fda44bd90
SHA1

0d49d660c2068ce6e794f77d50142cda08f76d2e
SHA256

65e3d50cd003d27ba93f2063e1b6638219280780f054053e2dd7c576eea8aeff
SHA512

dee3ac1e4cac104650738c46f18e8086ac2623d0de2bc9bb03e2306110f423de692e23ee5fe50f9a222e20dbd8ba311be6c256582a71ca5bf7e400e6cfb07997
SSDEEP

384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRuO:vQz7yVEhs9+js1SQtOOtEvwDpjJO

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-15_1f7f0f9dd509cbe63a2bc26fda44bd90_cryptolocker
- Size
  
  28KB
- MD5
  
  1f7f0f9dd509cbe63a2bc26fda44bd90
- SHA1
  
  0d49d660c2068ce6e794f77d50142cda08f76d2e
- SHA256
  
  65e3d50cd003d27ba93f2063e1b6638219280780f054053e2dd7c576eea8aeff
- SHA512
  
  dee3ac1e4cac104650738c46f18e8086ac2623d0de2bc9bb03e2306110f423de692e23ee5fe50f9a222e20dbd8ba311be6c256582a71ca5bf7e400e6cfb07997
- SSDEEP
  
  384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRuO:vQz7yVEhs9+js1SQtOOtEvwDpjJO
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2