a77911d9a6ea16bb03f3d11b7eb4231e6b79d66a271a279d6c1f0a2687ac131f | Triage

Sharing

General

Target

2024-11-20_d9b772e706b45db74cc8acb3c3aa07e4_cryptolocker
Size

48KB
Sample

241120-d62wysvlgn
MD5

d9b772e706b45db74cc8acb3c3aa07e4
SHA1

2a27ed1c361bd7bae1a46f0720e3c3dd1b75927f
SHA256

a77911d9a6ea16bb03f3d11b7eb4231e6b79d66a271a279d6c1f0a2687ac131f
SHA512

68241427d5d9acabc9caea9e0f377e4f4faacd62c704c0244ca8fe3b84f20fae86eaa48460de85b442919514f5442bb9caa8d23d35adb429ee772275584ac155
SSDEEP

768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPlFJ:P6QFElP6k+MRQMOtEvwDpjBQpVX8D

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_d9b772e706b45db74cc8acb3c3aa07e4_cryptolocker
- Size
  
  48KB
- MD5
  
  d9b772e706b45db74cc8acb3c3aa07e4
- SHA1
  
  2a27ed1c361bd7bae1a46f0720e3c3dd1b75927f
- SHA256
  
  a77911d9a6ea16bb03f3d11b7eb4231e6b79d66a271a279d6c1f0a2687ac131f
- SHA512
  
  68241427d5d9acabc9caea9e0f377e4f4faacd62c704c0244ca8fe3b84f20fae86eaa48460de85b442919514f5442bb9caa8d23d35adb429ee772275584ac155
- SSDEEP
  
  768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPlFJ:P6QFElP6k+MRQMOtEvwDpjBQpVX8D
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2