f7b7caa3f3a34505f9c8fc967b29a3bf0bc14258c601abec0685cd1604045145 | Triage

Sharing

General

Target

2024-10-18_0f53ca8fbae0d5db821be88dd05009f0_cryptolocker
Size

30KB
Sample

241018-aqppxaxhnl
MD5

0f53ca8fbae0d5db821be88dd05009f0
SHA1

95ec9636b5e9376b88ef670c6d39ca2f3a5f4e4a
SHA256

f7b7caa3f3a34505f9c8fc967b29a3bf0bc14258c601abec0685cd1604045145
SHA512

e856fe930251f054a806d4fdf399564f7d62012781830fb71b48d51f565572869bfdf739ba4e89076f4e047a57180390f77ba0dd572ace34ba215faa2b200124
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznC9:b/yC4GyNM01GuQMNXw2PSjk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-18_0f53ca8fbae0d5db821be88dd05009f0_cryptolocker
- Size
  
  30KB
- MD5
  
  0f53ca8fbae0d5db821be88dd05009f0
- SHA1
  
  95ec9636b5e9376b88ef670c6d39ca2f3a5f4e4a
- SHA256
  
  f7b7caa3f3a34505f9c8fc967b29a3bf0bc14258c601abec0685cd1604045145
- SHA512
  
  e856fe930251f054a806d4fdf399564f7d62012781830fb71b48d51f565572869bfdf739ba4e89076f4e047a57180390f77ba0dd572ace34ba215faa2b200124
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznC9:b/yC4GyNM01GuQMNXw2PSjk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2