0798d4a4c016e4e94212a4c38a0488bfd7359f5607494037ada044d96af75c4c | Triage

Sharing

General

Target

2024-11-02_00012fa253697b0fff104193aa1edd61_cryptolocker
Size

51KB
Sample

241102-g4whyazdra
MD5

00012fa253697b0fff104193aa1edd61
SHA1

be4c33463643b69457a00c29cfee58d4f4685679
SHA256

0798d4a4c016e4e94212a4c38a0488bfd7359f5607494037ada044d96af75c4c
SHA512

b7c659a0aed98e05b9ec73ce9f652b3cac1478a746ca2dc6991d04fa12404de8096d358dbb7ca5c3e715ba541f81a6c8406d5ce658c4f72e804d2a3d362b1ec5
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0na:vj+jsMQMOtEvwDpj5HczerLO04Bd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-02_00012fa253697b0fff104193aa1edd61_cryptolocker
- Size
  
  51KB
- MD5
  
  00012fa253697b0fff104193aa1edd61
- SHA1
  
  be4c33463643b69457a00c29cfee58d4f4685679
- SHA256
  
  0798d4a4c016e4e94212a4c38a0488bfd7359f5607494037ada044d96af75c4c
- SHA512
  
  b7c659a0aed98e05b9ec73ce9f652b3cac1478a746ca2dc6991d04fa12404de8096d358dbb7ca5c3e715ba541f81a6c8406d5ce658c4f72e804d2a3d362b1ec5
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0na:vj+jsMQMOtEvwDpj5HczerLO04Bd
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2