8aacd66059e26f9d516ae1891e60ab30df1f4c854e196a70057d4c31228c672e | Triage

Sharing

General

Target

2024-10-31_feb6d42eca8e0bcfffaf55434221e49d_cryptolocker
Size

48KB
Sample

241031-j8kncavbrf
MD5

feb6d42eca8e0bcfffaf55434221e49d
SHA1

701f70bc21a59917efc9ed7dd5c03f7551d19373
SHA256

8aacd66059e26f9d516ae1891e60ab30df1f4c854e196a70057d4c31228c672e
SHA512

5273d3d5cfa3ece835d82baa431267f241cffde8e9abbec66050efe30d6d9cf3ba3b8e6b075d1a8cef88838b706e65df73b222b0a9dca924c22ffefba7300875
SSDEEP

768:y6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpjbXOQ69zbjlAAX5e9zrPH:y6QFElP6n+gMQMOtEvwDpjbizbR9Xwzz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-31_feb6d42eca8e0bcfffaf55434221e49d_cryptolocker
- Size
  
  48KB
- MD5
  
  feb6d42eca8e0bcfffaf55434221e49d
- SHA1
  
  701f70bc21a59917efc9ed7dd5c03f7551d19373
- SHA256
  
  8aacd66059e26f9d516ae1891e60ab30df1f4c854e196a70057d4c31228c672e
- SHA512
  
  5273d3d5cfa3ece835d82baa431267f241cffde8e9abbec66050efe30d6d9cf3ba3b8e6b075d1a8cef88838b706e65df73b222b0a9dca924c22ffefba7300875
- SSDEEP
  
  768:y6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpjbXOQ69zbjlAAX5e9zrPH:y6QFElP6n+gMQMOtEvwDpjbizbR9Xwzz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2