09e7f3b24e2a06fd6fe5a1a8aa68148c09a255a239ee211df36dd59238b7903f | Triage

Sharing

General

Target

2024-10-18_1335acaf8f7fcfe07254a8e8a86f07f9_cryptolocker
Size

37KB
Sample

241018-ntek1axemr
MD5

1335acaf8f7fcfe07254a8e8a86f07f9
SHA1

bb36fd830e60e91eedb0b39da0b14f88c5ec2c0b
SHA256

09e7f3b24e2a06fd6fe5a1a8aa68148c09a255a239ee211df36dd59238b7903f
SHA512

8a913b1263468b521755efc1983572bbdc569b603f8c21864540883e18e13c8b213551ec4180eb0e8f7e6efc0a18c45468cd9e6463b3bb20c6c81f3a8fb6f6c4
SSDEEP

384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOJ:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMaW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-18_1335acaf8f7fcfe07254a8e8a86f07f9_cryptolocker
- Size
  
  37KB
- MD5
  
  1335acaf8f7fcfe07254a8e8a86f07f9
- SHA1
  
  bb36fd830e60e91eedb0b39da0b14f88c5ec2c0b
- SHA256
  
  09e7f3b24e2a06fd6fe5a1a8aa68148c09a255a239ee211df36dd59238b7903f
- SHA512
  
  8a913b1263468b521755efc1983572bbdc569b603f8c21864540883e18e13c8b213551ec4180eb0e8f7e6efc0a18c45468cd9e6463b3bb20c6c81f3a8fb6f6c4
- SSDEEP
  
  384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOJ:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMaW
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2