e423cc9ec2d409e42dc10d2e676d4732a9f1df74e5891a8927c8313eba69ab14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-18_226e400f5dec93ac025f45e5ef89c101_cryptolocker
Size

43KB
Sample

241018-asb7layamk
MD5

226e400f5dec93ac025f45e5ef89c101
SHA1

0f0c1cf2cdd693471396232a7e73e85e17863486
SHA256

e423cc9ec2d409e42dc10d2e676d4732a9f1df74e5891a8927c8313eba69ab14
SHA512

3efdd51b3b8ab71fff60aec2007a643061928f6674fadef1130a7af2429df6276c4c5bc88ce919b9d30f19cfaa7d68d2266fdb89b1f23cc89212329f348fdfa0
SSDEEP

768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLaHaMMm2X3U:V6QFElP6n+gMQMOtEvwDpjyaHaX+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-18_226e400f5dec93ac025f45e5ef89c101_cryptolocker
- Size
  
  43KB
- MD5
  
  226e400f5dec93ac025f45e5ef89c101
- SHA1
  
  0f0c1cf2cdd693471396232a7e73e85e17863486
- SHA256
  
  e423cc9ec2d409e42dc10d2e676d4732a9f1df74e5891a8927c8313eba69ab14
- SHA512
  
  3efdd51b3b8ab71fff60aec2007a643061928f6674fadef1130a7af2429df6276c4c5bc88ce919b9d30f19cfaa7d68d2266fdb89b1f23cc89212329f348fdfa0
- SSDEEP
  
  768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLaHaMMm2X3U:V6QFElP6n+gMQMOtEvwDpjyaHaX+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2