196a78addfb46517bca6208efbbf715c3fed70d22f91f7e465e9d6632f3204bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-17_5641a50cebc9519811150277f8e7f117_cryptolocker
Size

39KB
Sample

241017-txrbvsthqg
MD5

5641a50cebc9519811150277f8e7f117
SHA1

ef575d4e279641d491835ca889a594c6002c31c4
SHA256

196a78addfb46517bca6208efbbf715c3fed70d22f91f7e465e9d6632f3204bb
SHA512

754f8558c4e719c6fae7c9ea8460be1e42c73459be273aba62a8a0d52ad429d39e00307531614cfab08c525c4f3c9bb2ae1652196024fbbef342e28446a806e1
SSDEEP

384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOO/:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6eS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-17_5641a50cebc9519811150277f8e7f117_cryptolocker
- Size
  
  39KB
- MD5
  
  5641a50cebc9519811150277f8e7f117
- SHA1
  
  ef575d4e279641d491835ca889a594c6002c31c4
- SHA256
  
  196a78addfb46517bca6208efbbf715c3fed70d22f91f7e465e9d6632f3204bb
- SHA512
  
  754f8558c4e719c6fae7c9ea8460be1e42c73459be273aba62a8a0d52ad429d39e00307531614cfab08c525c4f3c9bb2ae1652196024fbbef342e28446a806e1
- SSDEEP
  
  384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOO/:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6eS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2