55287a3f02112f1cacb2eba3be2c674e99782eccddc9e1b73096cb2b3db2a485 | Triage

Sharing

General

Target

2024-11-21_4707ad0cbd88869e5a02d97a74ac0f2f_cryptolocker
Size

31KB
Sample

241121-hesanatpgk
MD5

4707ad0cbd88869e5a02d97a74ac0f2f
SHA1

2545a649a0e30b2e6dd5ed7e2d260e15023fa204
SHA256

55287a3f02112f1cacb2eba3be2c674e99782eccddc9e1b73096cb2b3db2a485
SHA512

bccee8314921b75fb2f782350d916527b55726f2d005de15350d95a8940c86481a66e056de674d4d6441878e6591a5d6f44850aa0c7ffa121f681fb2790f271f
SSDEEP

384:buWbtjL8L1iE0eBhkzPbKAaomTqC9Mwf4fjDCgpmaPc4HyVOCGHqEf:bxNQIE0eBhkL2Fo1CCwgfjOg9JyUC7M

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_4707ad0cbd88869e5a02d97a74ac0f2f_cryptolocker
- Size
  
  31KB
- MD5
  
  4707ad0cbd88869e5a02d97a74ac0f2f
- SHA1
  
  2545a649a0e30b2e6dd5ed7e2d260e15023fa204
- SHA256
  
  55287a3f02112f1cacb2eba3be2c674e99782eccddc9e1b73096cb2b3db2a485
- SHA512
  
  bccee8314921b75fb2f782350d916527b55726f2d005de15350d95a8940c86481a66e056de674d4d6441878e6591a5d6f44850aa0c7ffa121f681fb2790f271f
- SSDEEP
  
  384:buWbtjL8L1iE0eBhkzPbKAaomTqC9Mwf4fjDCgpmaPc4HyVOCGHqEf:bxNQIE0eBhkL2Fo1CCwgfjOg9JyUC7M
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2