d1c2248b34b43811e3e4604f064f9d71d8ac426ca4b4a0214c95a927d916b9e3 | Triage

Sharing

General

Target

2024-11-20_868bd2b809c7d8709c0f1b3f3a7ad027_cryptolocker
Size

73KB
Sample

241120-f4ls3awqgq
MD5

868bd2b809c7d8709c0f1b3f3a7ad027
SHA1

97cc861893250d94947e1ffa5ee58f15a4437e01
SHA256

d1c2248b34b43811e3e4604f064f9d71d8ac426ca4b4a0214c95a927d916b9e3
SHA512

99cc3985167cc7f8f90f58a61bd5225e3ed5d4b5b2c640f8d85025ab06ceaa5b6097805ab7a42759806ba9e5f304872c00c328cea59fc84f39e9a829f6077654
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rp:vj+jsMQMOtEvwDpj5HZYTjipvF24B

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_868bd2b809c7d8709c0f1b3f3a7ad027_cryptolocker
- Size
  
  73KB
- MD5
  
  868bd2b809c7d8709c0f1b3f3a7ad027
- SHA1
  
  97cc861893250d94947e1ffa5ee58f15a4437e01
- SHA256
  
  d1c2248b34b43811e3e4604f064f9d71d8ac426ca4b4a0214c95a927d916b9e3
- SHA512
  
  99cc3985167cc7f8f90f58a61bd5225e3ed5d4b5b2c640f8d85025ab06ceaa5b6097805ab7a42759806ba9e5f304872c00c328cea59fc84f39e9a829f6077654
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rp:vj+jsMQMOtEvwDpj5HZYTjipvF24B
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2