6c32a73153d728875859ba4eaa3c9bb943d8c0f4e6f22f54f311733b900a539c | Triage

Sharing

General

Target

2024-11-02_0ad887261b95457c2bcf9ade1b3ea69d_cryptolocker
Size

49KB
Sample

241102-g6az1s1pep
MD5

0ad887261b95457c2bcf9ade1b3ea69d
SHA1

218d29849c4f0e19c1718a41fd91526f52978296
SHA256

6c32a73153d728875859ba4eaa3c9bb943d8c0f4e6f22f54f311733b900a539c
SHA512

04af35b45dc30402d4ec3b9fba4885f2a0dc1c9dd6118464cb06b83310584fe453908cbd1d75c29159c0c06abe7f404e86c76c3f07fb846d6670d84788c7a923
SSDEEP

768:26LsoVEeegiZPvEhHSP+gDdQtOOtEvwDpjtMLZdzuqpXsiE8Wq/DpkIT8u:26Q0ElP6G+gBQMOtEvwDpjgWMl7Tj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-02_0ad887261b95457c2bcf9ade1b3ea69d_cryptolocker
- Size
  
  49KB
- MD5
  
  0ad887261b95457c2bcf9ade1b3ea69d
- SHA1
  
  218d29849c4f0e19c1718a41fd91526f52978296
- SHA256
  
  6c32a73153d728875859ba4eaa3c9bb943d8c0f4e6f22f54f311733b900a539c
- SHA512
  
  04af35b45dc30402d4ec3b9fba4885f2a0dc1c9dd6118464cb06b83310584fe453908cbd1d75c29159c0c06abe7f404e86c76c3f07fb846d6670d84788c7a923
- SSDEEP
  
  768:26LsoVEeegiZPvEhHSP+gDdQtOOtEvwDpjtMLZdzuqpXsiE8Wq/DpkIT8u:26Q0ElP6G+gBQMOtEvwDpjgWMl7Tj
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2