2c0deda1e6f35be870db9a186f7dbc985e46a79085b30d15dd642b6606c60ee1 | Triage

Sharing

General

Target

2024-11-21_ce6133b44979b374be97014c64c1af9f_cryptolocker
Size

36KB
Sample

241121-hs9f4aygqg
MD5

ce6133b44979b374be97014c64c1af9f
SHA1

bc8e73936a52659f334cc1c901c8d4a3a5139ce5
SHA256

2c0deda1e6f35be870db9a186f7dbc985e46a79085b30d15dd642b6606c60ee1
SHA512

9bc5ffece99eb22e2e3498bcdf9a5a95f8a0d753adb870ab4759f56efc2b716a090a50d4fb66816f8961ae2f259dcb5e652f5d43791db4b0a5af628de31910bc
SSDEEP

384:bmM0V/YPvnr801TRoUGPh4TKt6ATt1DqgPa3s/zzorwI62tH/PN/uTIRpu:b7o/2n1TCraU6GD1a4Xcn62tH/1/Lpu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_ce6133b44979b374be97014c64c1af9f_cryptolocker
- Size
  
  36KB
- MD5
  
  ce6133b44979b374be97014c64c1af9f
- SHA1
  
  bc8e73936a52659f334cc1c901c8d4a3a5139ce5
- SHA256
  
  2c0deda1e6f35be870db9a186f7dbc985e46a79085b30d15dd642b6606c60ee1
- SHA512
  
  9bc5ffece99eb22e2e3498bcdf9a5a95f8a0d753adb870ab4759f56efc2b716a090a50d4fb66816f8961ae2f259dcb5e652f5d43791db4b0a5af628de31910bc
- SSDEEP
  
  384:bmM0V/YPvnr801TRoUGPh4TKt6ATt1DqgPa3s/zzorwI62tH/PN/uTIRpu:b7o/2n1TCraU6GD1a4Xcn62tH/1/Lpu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2