a3cbb530bf4092a4b042895d514bebf38320774122175dcee2fb19ab3d591d06 | Triage

Sharing

General

Target

2024-11-02_b9a283d3a36ea44edd9e7f3646a26504_cryptolocker
Size

50KB
Sample

241102-g3nrpszdpe
MD5

b9a283d3a36ea44edd9e7f3646a26504
SHA1

cfa7017e1444986e079f7b9772b98bca6f52f97e
SHA256

a3cbb530bf4092a4b042895d514bebf38320774122175dcee2fb19ab3d591d06
SHA512

2c604cdb9e19a3970c55097bde5cbc6f3f44b457c9d24c9d96f231ba876fe719bcc1ec7043404e90909d7880dc8d02d9e9804f0381cc1efd2b2a1691be39f626
SSDEEP

1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1x5hjatshm:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7b

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-02_b9a283d3a36ea44edd9e7f3646a26504_cryptolocker
- Size
  
  50KB
- MD5
  
  b9a283d3a36ea44edd9e7f3646a26504
- SHA1
  
  cfa7017e1444986e079f7b9772b98bca6f52f97e
- SHA256
  
  a3cbb530bf4092a4b042895d514bebf38320774122175dcee2fb19ab3d591d06
- SHA512
  
  2c604cdb9e19a3970c55097bde5cbc6f3f44b457c9d24c9d96f231ba876fe719bcc1ec7043404e90909d7880dc8d02d9e9804f0381cc1efd2b2a1691be39f626
- SSDEEP
  
  1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1x5hjatshm:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7b
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2