8da38a95dc8e3f86d06a675d4b0bc78e85fb2261edde948d4cda555f38eda394 | Triage

Sharing

General

Target

2024-11-21_56638c7992addf377b5d2b799f3d21d9_cryptolocker
Size

61KB
Sample

241121-hkcr6azkbs
MD5

56638c7992addf377b5d2b799f3d21d9
SHA1

ff418e5a8972ddf84bb412108d0671b08b790ff5
SHA256

8da38a95dc8e3f86d06a675d4b0bc78e85fb2261edde948d4cda555f38eda394
SHA512

a8707308fb9d4f7b6d4fdbea297f79f1aed43993540388190503240e9094ed9a29c8f89e2e8e8d2c1a777635698a5cfae3279e8dc667029d46dc12830a08678c
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMa:TCjsIOtEvwDpj5HE/OUHnSMp

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_56638c7992addf377b5d2b799f3d21d9_cryptolocker
- Size
  
  61KB
- MD5
  
  56638c7992addf377b5d2b799f3d21d9
- SHA1
  
  ff418e5a8972ddf84bb412108d0671b08b790ff5
- SHA256
  
  8da38a95dc8e3f86d06a675d4b0bc78e85fb2261edde948d4cda555f38eda394
- SHA512
  
  a8707308fb9d4f7b6d4fdbea297f79f1aed43993540388190503240e9094ed9a29c8f89e2e8e8d2c1a777635698a5cfae3279e8dc667029d46dc12830a08678c
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMa:TCjsIOtEvwDpj5HE/OUHnSMp
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2