0e8687c5d6ae9f7476a60eff240b16bc735566f9128b5a0193aaa732c647f3df | Triage

Sharing

General

Target

2024-11-20_ff91899f15cdcd3c00c984e990d061e2_cryptolocker
Size

46KB
Sample

241120-d8ymbavmcq
MD5

ff91899f15cdcd3c00c984e990d061e2
SHA1

e8170e9d845d7a4bf03b838a7c0825a5fd648a91
SHA256

0e8687c5d6ae9f7476a60eff240b16bc735566f9128b5a0193aaa732c647f3df
SHA512

a468cdc311b2e12fc8125622c1548975ef605b1cb9757cba6cd6a72d19e0603be2df3e8d022dd858c4b48a50bdb5cf04e6278eb6e74960e5b0095f16568a5260
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUknqS:bm74zYcgT/EkM0ryfjdnqS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_ff91899f15cdcd3c00c984e990d061e2_cryptolocker
- Size
  
  46KB
- MD5
  
  ff91899f15cdcd3c00c984e990d061e2
- SHA1
  
  e8170e9d845d7a4bf03b838a7c0825a5fd648a91
- SHA256
  
  0e8687c5d6ae9f7476a60eff240b16bc735566f9128b5a0193aaa732c647f3df
- SHA512
  
  a468cdc311b2e12fc8125622c1548975ef605b1cb9757cba6cd6a72d19e0603be2df3e8d022dd858c4b48a50bdb5cf04e6278eb6e74960e5b0095f16568a5260
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUknqS:bm74zYcgT/EkM0ryfjdnqS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2