8dacc152046ed6e065c4c30234b9d6385ff177c907e4444821ceb63ba1f2fbc8 | Triage

Sharing

General

Target

2024-10-17_5492715376633717c3114e7c5e3f3df6_cryptolocker
Size

75KB
Sample

241017-zcjn6svdmb
MD5

5492715376633717c3114e7c5e3f3df6
SHA1

c0665a299a9206c933ec1faa3019559cf4922cca
SHA256

8dacc152046ed6e065c4c30234b9d6385ff177c907e4444821ceb63ba1f2fbc8
SHA512

5c56583f43aae51d4f802312e5c03e9e1afa8dacbca5f6c2d33f0e8612f2cb117ce7b7b9e26666bcc42ddbb2fe0f042a662117fbc50508e28595e1f0c67b949a
SSDEEP

1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIufo:vCjsIOtEvwDpj5H9YvQd2M

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-17_5492715376633717c3114e7c5e3f3df6_cryptolocker
- Size
  
  75KB
- MD5
  
  5492715376633717c3114e7c5e3f3df6
- SHA1
  
  c0665a299a9206c933ec1faa3019559cf4922cca
- SHA256
  
  8dacc152046ed6e065c4c30234b9d6385ff177c907e4444821ceb63ba1f2fbc8
- SHA512
  
  5c56583f43aae51d4f802312e5c03e9e1afa8dacbca5f6c2d33f0e8612f2cb117ce7b7b9e26666bcc42ddbb2fe0f042a662117fbc50508e28595e1f0c67b949a
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIufo:vCjsIOtEvwDpj5H9YvQd2M
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2