72d8fe45ba1e4e094d22f5d6ba2efd91941b6ac4da321dea1c32d2e64fc3ee6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-18_af70774ab6acee8489ba12312f0d5d30_cryptolocker
Size

50KB
Sample

241018-cdpv9azdpf
MD5

af70774ab6acee8489ba12312f0d5d30
SHA1

e1c4acf38b6ac70920dac6d2517f52c67f59f1c0
SHA256

72d8fe45ba1e4e094d22f5d6ba2efd91941b6ac4da321dea1c32d2e64fc3ee6a
SHA512

e20dbb4236db752a125160425082cfe047ac41bd593ffd6bb09d75c524ec8eb539d1768c3c6102373aaec8a1b9fe5ffb60f2d5c278c906caa9ba2033de4bd627
SSDEEP

768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPx9UnuDLlD+wuK:bIDOw9a0Dwo3P1ojvUSD4PInyD8K

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-18_af70774ab6acee8489ba12312f0d5d30_cryptolocker
- Size
  
  50KB
- MD5
  
  af70774ab6acee8489ba12312f0d5d30
- SHA1
  
  e1c4acf38b6ac70920dac6d2517f52c67f59f1c0
- SHA256
  
  72d8fe45ba1e4e094d22f5d6ba2efd91941b6ac4da321dea1c32d2e64fc3ee6a
- SHA512
  
  e20dbb4236db752a125160425082cfe047ac41bd593ffd6bb09d75c524ec8eb539d1768c3c6102373aaec8a1b9fe5ffb60f2d5c278c906caa9ba2033de4bd627
- SSDEEP
  
  768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPx9UnuDLlD+wuK:bIDOw9a0Dwo3P1ojvUSD4PInyD8K
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2