71f08a8bebfb96266b6b3e1bab4f3d1505b66554a886ef2115a0999f13746b7a | Triage

Sharing

General

Target

2024-11-21_a48b74aefd24d493205767dc1eb5b0eb_cryptolocker
Size

50KB
Sample

241121-enn3tatjaq
MD5

a48b74aefd24d493205767dc1eb5b0eb
SHA1

ea914da6e072dce810ca10bf35dab4479aa1187b
SHA256

71f08a8bebfb96266b6b3e1bab4f3d1505b66554a886ef2115a0999f13746b7a
SHA512

30d87cc35a3fc7c05c6f6cfa8aaa89eec016ed938d02523047834ba1dba0617eaf3cf52edbaed9f0f398f5ceec05e531e87dabbb3f66962301137a924908ff01
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0n73:vj+jsMQMOtEvwDpj5HczerLO04B4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_a48b74aefd24d493205767dc1eb5b0eb_cryptolocker
- Size
  
  50KB
- MD5
  
  a48b74aefd24d493205767dc1eb5b0eb
- SHA1
  
  ea914da6e072dce810ca10bf35dab4479aa1187b
- SHA256
  
  71f08a8bebfb96266b6b3e1bab4f3d1505b66554a886ef2115a0999f13746b7a
- SHA512
  
  30d87cc35a3fc7c05c6f6cfa8aaa89eec016ed938d02523047834ba1dba0617eaf3cf52edbaed9f0f398f5ceec05e531e87dabbb3f66962301137a924908ff01
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0n73:vj+jsMQMOtEvwDpj5HczerLO04B4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2