7d708f1dffb99d5a72a680d403af2695076fd7974b4f617a1d125d0f66763ed7 | Triage

Sharing

General

Target

2024-11-21_ea878eae357c453ad7c275213680f1b9_cryptolocker
Size

45KB
Sample

241121-hwm29syhjg
MD5

ea878eae357c453ad7c275213680f1b9
SHA1

f8617125e39b0fbbfaec46bccdfcf36b900d7fbf
SHA256

7d708f1dffb99d5a72a680d403af2695076fd7974b4f617a1d125d0f66763ed7
SHA512

f977e0a600e1b3b31ce496bbbecfaf3ff8d76a0c687d138264a0a0214a74d6ed9f38574eeac9577109f6810730bf8291371cebcc20aeab22145aa40bbc164cfe
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUk3f:bm74zYcgT/EkM0ryfjd3f

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_ea878eae357c453ad7c275213680f1b9_cryptolocker
- Size
  
  45KB
- MD5
  
  ea878eae357c453ad7c275213680f1b9
- SHA1
  
  f8617125e39b0fbbfaec46bccdfcf36b900d7fbf
- SHA256
  
  7d708f1dffb99d5a72a680d403af2695076fd7974b4f617a1d125d0f66763ed7
- SHA512
  
  f977e0a600e1b3b31ce496bbbecfaf3ff8d76a0c687d138264a0a0214a74d6ed9f38574eeac9577109f6810730bf8291371cebcc20aeab22145aa40bbc164cfe
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUk3f:bm74zYcgT/EkM0ryfjd3f
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2