ba387a97d11b2ab2ef9dacaa70ae3e010e3a6dd19be7cf0b6b6d3f0fd2b23dfb | Triage

Sharing

General

Target

2024-11-20_1fabb539a617e2c8f804056f83222afa_cryptolocker
Size

45KB
Sample

241120-dxvraazara
MD5

1fabb539a617e2c8f804056f83222afa
SHA1

42c2759e9f2c0a16fe8123a3913e5cd8866ff5e7
SHA256

ba387a97d11b2ab2ef9dacaa70ae3e010e3a6dd19be7cf0b6b6d3f0fd2b23dfb
SHA512

bb71ba6e297814fc5e056adbc7a3f5372f304435580b8feed3befe795d05f24b59b77a594937d714b5c20aee2d1a68bc8c8a68394622ea66af0e87ce721126db
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9HkdfS:X6QFElP6n+gJQMOtEvwDpjBmzDkWDt9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_1fabb539a617e2c8f804056f83222afa_cryptolocker
- Size
  
  45KB
- MD5
  
  1fabb539a617e2c8f804056f83222afa
- SHA1
  
  42c2759e9f2c0a16fe8123a3913e5cd8866ff5e7
- SHA256
  
  ba387a97d11b2ab2ef9dacaa70ae3e010e3a6dd19be7cf0b6b6d3f0fd2b23dfb
- SHA512
  
  bb71ba6e297814fc5e056adbc7a3f5372f304435580b8feed3befe795d05f24b59b77a594937d714b5c20aee2d1a68bc8c8a68394622ea66af0e87ce721126db
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9HkdfS:X6QFElP6n+gJQMOtEvwDpjBmzDkWDt9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2