4245e93648d8cf2075113980d025bead315b5e3efa03603a20bd2e3a0e490cf9 | Triage

Sharing

General

Target

2024-11-20_9eb1e5ad5fa18e6d2344059480132760_cryptolocker
Size

45KB
Sample

241120-f4xwbs1rgs
MD5

9eb1e5ad5fa18e6d2344059480132760
SHA1

028e1ea70faee4e726cfa1a7ea40bc5f0797d893
SHA256

4245e93648d8cf2075113980d025bead315b5e3efa03603a20bd2e3a0e490cf9
SHA512

2cb393d5e5735b971e65eb3cb9618e915c42eda5241f1098af71dd631a2757181902b13c6740747aedf40677866f86a39febf29e03340e1d3a5ad5aea724f5fc
SSDEEP

768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkL7vF1TlD4pq:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_9eb1e5ad5fa18e6d2344059480132760_cryptolocker
- Size
  
  45KB
- MD5
  
  9eb1e5ad5fa18e6d2344059480132760
- SHA1
  
  028e1ea70faee4e726cfa1a7ea40bc5f0797d893
- SHA256
  
  4245e93648d8cf2075113980d025bead315b5e3efa03603a20bd2e3a0e490cf9
- SHA512
  
  2cb393d5e5735b971e65eb3cb9618e915c42eda5241f1098af71dd631a2757181902b13c6740747aedf40677866f86a39febf29e03340e1d3a5ad5aea724f5fc
- SSDEEP
  
  768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkL7vF1TlD4pq:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLx
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2