3614d824e957a6864fb0b6b36a51ed148b839be59d6a13f8eb54ec9e9d1f29a5 | Triage

Sharing

General

Target

2024-11-20_ea82528956ce1328d9759f2f9f4be148_cryptolocker
Size

48KB
Sample

241120-d8bgsazmdt
MD5

ea82528956ce1328d9759f2f9f4be148
SHA1

bd9e00a08aa87793a35cfd1d779c5894e03ca4a6
SHA256

3614d824e957a6864fb0b6b36a51ed148b839be59d6a13f8eb54ec9e9d1f29a5
SHA512

d21331896dc2a75fb0de211ee3aa683ea25a4ca77c01e44dd37d3953330b58605dd65050425bcc64652fc6c5d36e31a8648c6a5fe6311e5df17b434b030df440
SSDEEP

768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPlFM:P6QFElP6k+MRQMOtEvwDpjBQpVX8i

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_ea82528956ce1328d9759f2f9f4be148_cryptolocker
- Size
  
  48KB
- MD5
  
  ea82528956ce1328d9759f2f9f4be148
- SHA1
  
  bd9e00a08aa87793a35cfd1d779c5894e03ca4a6
- SHA256
  
  3614d824e957a6864fb0b6b36a51ed148b839be59d6a13f8eb54ec9e9d1f29a5
- SHA512
  
  d21331896dc2a75fb0de211ee3aa683ea25a4ca77c01e44dd37d3953330b58605dd65050425bcc64652fc6c5d36e31a8648c6a5fe6311e5df17b434b030df440
- SSDEEP
  
  768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPlFM:P6QFElP6k+MRQMOtEvwDpjBQpVX8i
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2