fe425660ba8f68e78dc31dbafdeaddd32d6a2a37b92c5bf929cefe20ff0ee7ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-18_dd19acacf48e2d48193456cf6a51c8e2_cryptolocker
Size

43KB
Sample

241018-f83x5sshpn
MD5

dd19acacf48e2d48193456cf6a51c8e2
SHA1

d85f84337e7a84c3555f33bad98d58e619e83a21
SHA256

fe425660ba8f68e78dc31dbafdeaddd32d6a2a37b92c5bf929cefe20ff0ee7ee
SHA512

f9f407a7c6b5188948d7135aa4fef62b2b77cb8386d21cab30553d85ab4903640d25a920fbfc2fdefb44233d13df42fa7e460da582dcaa88365df8c0622edecb
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8lBth2fmmA1scIQQi:ZzFbxmLPWQMOtEvwDpj38ltfmAB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-18_dd19acacf48e2d48193456cf6a51c8e2_cryptolocker
- Size
  
  43KB
- MD5
  
  dd19acacf48e2d48193456cf6a51c8e2
- SHA1
  
  d85f84337e7a84c3555f33bad98d58e619e83a21
- SHA256
  
  fe425660ba8f68e78dc31dbafdeaddd32d6a2a37b92c5bf929cefe20ff0ee7ee
- SHA512
  
  f9f407a7c6b5188948d7135aa4fef62b2b77cb8386d21cab30553d85ab4903640d25a920fbfc2fdefb44233d13df42fa7e460da582dcaa88365df8c0622edecb
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8lBth2fmmA1scIQQi:ZzFbxmLPWQMOtEvwDpj38ltfmAB
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2