8004015fb1f1d37fccbf0a79ffd2c74d9904d09b12f1e86e047452c54a3e0844 | Triage

Sharing

General

Target

2024-11-21_4be8d669d86c1d59c4ca132c04deb5c0_cryptolocker
Size

61KB
Sample

241121-hj451szkaz
MD5

4be8d669d86c1d59c4ca132c04deb5c0
SHA1

d085959ca6c3b486cb28f56201b0e9e8136b1432
SHA256

8004015fb1f1d37fccbf0a79ffd2c74d9904d09b12f1e86e047452c54a3e0844
SHA512

02a592c9e630fb1818c44819281f257acf66f9e4068bc0b7560031c00a35d636ddb4a60d8fc5ee170070b1f449bb28358748445285da7c816fd97ec3bb6f354a
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMX:TCjsIOtEvwDpj5HE/OUHnSM4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_4be8d669d86c1d59c4ca132c04deb5c0_cryptolocker
- Size
  
  61KB
- MD5
  
  4be8d669d86c1d59c4ca132c04deb5c0
- SHA1
  
  d085959ca6c3b486cb28f56201b0e9e8136b1432
- SHA256
  
  8004015fb1f1d37fccbf0a79ffd2c74d9904d09b12f1e86e047452c54a3e0844
- SHA512
  
  02a592c9e630fb1818c44819281f257acf66f9e4068bc0b7560031c00a35d636ddb4a60d8fc5ee170070b1f449bb28358748445285da7c816fd97ec3bb6f354a
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMX:TCjsIOtEvwDpj5HE/OUHnSM4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2