d0ca8b2dcff479e601aced5ad186ffacb515f09237c0dafe3f6a581a635ff57b | Triage

Sharing

General

Target

2024-11-21_4899ab25f5676882b62f86b529447809_cryptolocker
Size

53KB
Sample

241121-jas7tstren
MD5

4899ab25f5676882b62f86b529447809
SHA1

d4073f6ad4c86df85698083a17e774d9e64a4ad6
SHA256

d0ca8b2dcff479e601aced5ad186ffacb515f09237c0dafe3f6a581a635ff57b
SHA512

695aa22454538f075b9075c186b29b270c5627848e53d06b7ac7e2975ac4dee62375fd4aff9d3bbd1745af44fdee7edfb0e90fa12700176a4d4ab1d17148f70b
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCW1nw71TkhsiPn1YFvPx:vj+jsMQMOtEvwDpj5HH1nw73KOFx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_4899ab25f5676882b62f86b529447809_cryptolocker
- Size
  
  53KB
- MD5
  
  4899ab25f5676882b62f86b529447809
- SHA1
  
  d4073f6ad4c86df85698083a17e774d9e64a4ad6
- SHA256
  
  d0ca8b2dcff479e601aced5ad186ffacb515f09237c0dafe3f6a581a635ff57b
- SHA512
  
  695aa22454538f075b9075c186b29b270c5627848e53d06b7ac7e2975ac4dee62375fd4aff9d3bbd1745af44fdee7edfb0e90fa12700176a4d4ab1d17148f70b
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCW1nw71TkhsiPn1YFvPx:vj+jsMQMOtEvwDpj5HH1nw73KOFx
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2