8cb75dbb747e09b17b4b279b8fe4cf37f9344e5eb2fad464e12e3651bc9e57da | Triage

Sharing

General

Target

2024-11-20_a9f5db99e7d6bf5ce6138216b53e6787_cryptolocker
Size

25KB
Sample

241120-c2f81szamn
MD5

a9f5db99e7d6bf5ce6138216b53e6787
SHA1

2d3ed4b92b26af2a3c883c38d19650e279c3a6c4
SHA256

8cb75dbb747e09b17b4b279b8fe4cf37f9344e5eb2fad464e12e3651bc9e57da
SHA512

6333d13a77a22e25da21358305492ed4cea61af40b55024a41c15f39e6636607ad43e9562ec0a727788ae6fc48e3b17077a15ab804830203951134b047c43e49
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/P4QtOOtEvwDpj2:ZzFbxmLP4QMOtEvwDpj2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_a9f5db99e7d6bf5ce6138216b53e6787_cryptolocker
- Size
  
  25KB
- MD5
  
  a9f5db99e7d6bf5ce6138216b53e6787
- SHA1
  
  2d3ed4b92b26af2a3c883c38d19650e279c3a6c4
- SHA256
  
  8cb75dbb747e09b17b4b279b8fe4cf37f9344e5eb2fad464e12e3651bc9e57da
- SHA512
  
  6333d13a77a22e25da21358305492ed4cea61af40b55024a41c15f39e6636607ad43e9562ec0a727788ae6fc48e3b17077a15ab804830203951134b047c43e49
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/P4QtOOtEvwDpj2:ZzFbxmLP4QMOtEvwDpj2
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2