7b045c0813a9bbc32a1898aef99fab80cf4cc6eb19407bcff09f18058b5a7ec0 | Triage

Sharing

General

Target

2024-11-20_5294af9657f466116fbfff97e3f561bc_cryptolocker
Size

47KB
Sample

241120-dzlamazhrp
MD5

5294af9657f466116fbfff97e3f561bc
SHA1

e00d9a76de802eec8c2e9ee122860fe4fe0d5b1b
SHA256

7b045c0813a9bbc32a1898aef99fab80cf4cc6eb19407bcff09f18058b5a7ec0
SHA512

08cfa3aea6265c7927ffe2ec281ef2c62a97ff5293f74cf72402b4048d3b1bd4bc093a946d0cc19afaadf6c3c62e97df28f45b2300ef2a865433093b22ffbe0d
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9J3zbc:X6QFElP6n+gJQMOtEvwDpjBmzDkWDrzI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_5294af9657f466116fbfff97e3f561bc_cryptolocker
- Size
  
  47KB
- MD5
  
  5294af9657f466116fbfff97e3f561bc
- SHA1
  
  e00d9a76de802eec8c2e9ee122860fe4fe0d5b1b
- SHA256
  
  7b045c0813a9bbc32a1898aef99fab80cf4cc6eb19407bcff09f18058b5a7ec0
- SHA512
  
  08cfa3aea6265c7927ffe2ec281ef2c62a97ff5293f74cf72402b4048d3b1bd4bc093a946d0cc19afaadf6c3c62e97df28f45b2300ef2a865433093b22ffbe0d
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9J3zbc:X6QFElP6n+gJQMOtEvwDpjBmzDkWDrzI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2