c6f6bb10b136c96c1638ae1f13df565f8b6673eeaeb3858f913ab6f439695cd4 | Triage

Sharing

General

Target

2024-11-20_366948b30217be39cb14932e5bb09d16_cryptolocker
Size

38KB
Sample

241120-f27mrawqek
MD5

366948b30217be39cb14932e5bb09d16
SHA1

321b4dbe078722a769248f3ed8e3547d2a7faf02
SHA256

c6f6bb10b136c96c1638ae1f13df565f8b6673eeaeb3858f913ab6f439695cd4
SHA512

055e70e9b9b7c7c04b8d8f08d078d4e833cb38838596c2d749ae560d20de72caec8bf25859924d51ed06b1c1bd30a9da45d2c60f62058ac995bed0d3e5d1f26c
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+49:fT+hsMQMOtEvwDpjoIH9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_366948b30217be39cb14932e5bb09d16_cryptolocker
- Size
  
  38KB
- MD5
  
  366948b30217be39cb14932e5bb09d16
- SHA1
  
  321b4dbe078722a769248f3ed8e3547d2a7faf02
- SHA256
  
  c6f6bb10b136c96c1638ae1f13df565f8b6673eeaeb3858f913ab6f439695cd4
- SHA512
  
  055e70e9b9b7c7c04b8d8f08d078d4e833cb38838596c2d749ae560d20de72caec8bf25859924d51ed06b1c1bd30a9da45d2c60f62058ac995bed0d3e5d1f26c
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+49:fT+hsMQMOtEvwDpjoIH9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2