4ed99349ca7da5e15e3c9a4717c5e33efa2af9adfef328ee088e29a3f1c4e973 | Triage

Sharing

General

Target

2024-10-31_f70917c942f7f839a277aee15e22b9e3_cryptolocker
Size

44KB
Sample

241031-j6fxdawlcq
MD5

f70917c942f7f839a277aee15e22b9e3
SHA1

4dec50976fdb33a13c0737df35bc081f7fb87934
SHA256

4ed99349ca7da5e15e3c9a4717c5e33efa2af9adfef328ee088e29a3f1c4e973
SHA512

b86465cdc9db88449d04da2816d67c0a2b211d55a3a2ab82b95d1dbdfcbab61c19bcb5f92a6828406f1e619504ef733b837a5ef45aeb574324b41462447c0a0a
SSDEEP

768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPxyVHsn:bIDOw9a0Dwo3P1ojvUSD4Pl

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-31_f70917c942f7f839a277aee15e22b9e3_cryptolocker
- Size
  
  44KB
- MD5
  
  f70917c942f7f839a277aee15e22b9e3
- SHA1
  
  4dec50976fdb33a13c0737df35bc081f7fb87934
- SHA256
  
  4ed99349ca7da5e15e3c9a4717c5e33efa2af9adfef328ee088e29a3f1c4e973
- SHA512
  
  b86465cdc9db88449d04da2816d67c0a2b211d55a3a2ab82b95d1dbdfcbab61c19bcb5f92a6828406f1e619504ef733b837a5ef45aeb574324b41462447c0a0a
- SSDEEP
  
  768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPxyVHsn:bIDOw9a0Dwo3P1ojvUSD4Pl
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2