633e50597a6375c12d19038f11b1fe1550509c93f60a38b7d6410b2cc9dbd0e5 | Triage

Sharing

General

Target

2024-10-31_b07d3e99fdbc1cac69fe27a9da694514_cryptolocker
Size

44KB
Sample

241031-kd4cmsvfln
MD5

b07d3e99fdbc1cac69fe27a9da694514
SHA1

bfebbb1c4ae7b9e9d8ccf440efaa4a00095c13cd
SHA256

633e50597a6375c12d19038f11b1fe1550509c93f60a38b7d6410b2cc9dbd0e5
SHA512

f9bebb8d76f7ad8b3d7b2a31dc740cd67e9e3621e6953d8a69d4053c94fedadcfa7d057e1d15e9f4312c880f07516b78fedf08e540a001359b850e70e9030b9f
SSDEEP

768:bQyC4GyNM01GuQMNXwXOQ69zbjlAAX5e9zT:bQpYayGiAizbR9XwzT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-31_b07d3e99fdbc1cac69fe27a9da694514_cryptolocker
- Size
  
  44KB
- MD5
  
  b07d3e99fdbc1cac69fe27a9da694514
- SHA1
  
  bfebbb1c4ae7b9e9d8ccf440efaa4a00095c13cd
- SHA256
  
  633e50597a6375c12d19038f11b1fe1550509c93f60a38b7d6410b2cc9dbd0e5
- SHA512
  
  f9bebb8d76f7ad8b3d7b2a31dc740cd67e9e3621e6953d8a69d4053c94fedadcfa7d057e1d15e9f4312c880f07516b78fedf08e540a001359b850e70e9030b9f
- SSDEEP
  
  768:bQyC4GyNM01GuQMNXwXOQ69zbjlAAX5e9zT:bQpYayGiAizbR9XwzT
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2