215d58a5a69a616cc04b5f8542ec46f4463cba6c8f6eac56978682d4da0ec142 | Triage

Sharing

General

Target

2024-11-02_bac6711350616fd27a3177645e3ab4d5_cryptolocker
Size

34KB
Sample

241102-g3v6sa1pcj
MD5

bac6711350616fd27a3177645e3ab4d5
SHA1

57c77da2155a7701a0b4f605f152bfb77997d5dc
SHA256

215d58a5a69a616cc04b5f8542ec46f4463cba6c8f6eac56978682d4da0ec142
SHA512

196973c0b0775e9c0fdfe14eec91dcc8005b6958c99ae102c2b79956216d1414e6c333d56596fd368dbd54f70e33144b98aeba4856bdf03b750aab18a1f4c41c
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStEkcsgYKT:b/yC4GyNM01GuQMNXw2PSjSKkcJYKT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-02_bac6711350616fd27a3177645e3ab4d5_cryptolocker
- Size
  
  34KB
- MD5
  
  bac6711350616fd27a3177645e3ab4d5
- SHA1
  
  57c77da2155a7701a0b4f605f152bfb77997d5dc
- SHA256
  
  215d58a5a69a616cc04b5f8542ec46f4463cba6c8f6eac56978682d4da0ec142
- SHA512
  
  196973c0b0775e9c0fdfe14eec91dcc8005b6958c99ae102c2b79956216d1414e6c333d56596fd368dbd54f70e33144b98aeba4856bdf03b750aab18a1f4c41c
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStEkcsgYKT:b/yC4GyNM01GuQMNXw2PSjSKkcJYKT
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2