778263446cc7e42982d5a58d382f1d2e6424d67e5cf80d357826fb939fcbb70a | Triage

Sharing

General

Target

2024-11-21_9e6c0a284d2c4fd62f3a6693a76c222e_cryptolocker
Size

52KB
Sample

241121-jgnwpazame
MD5

9e6c0a284d2c4fd62f3a6693a76c222e
SHA1

fa7e2e5f76ff7ef0a4a1bfa0548556220c74bd63
SHA256

778263446cc7e42982d5a58d382f1d2e6424d67e5cf80d357826fb939fcbb70a
SHA512

803be669b70fb03df24929d9e24b7716920795d18e3dc5c475647fb6db4c461b5416d048d9d89cd29755cf0ae20064e946e6eb62cd9c2e8d406dd3e978acd90b
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nC9:vj+jsMQMOtEvwDpj5HczerLO04B19

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_9e6c0a284d2c4fd62f3a6693a76c222e_cryptolocker
- Size
  
  52KB
- MD5
  
  9e6c0a284d2c4fd62f3a6693a76c222e
- SHA1
  
  fa7e2e5f76ff7ef0a4a1bfa0548556220c74bd63
- SHA256
  
  778263446cc7e42982d5a58d382f1d2e6424d67e5cf80d357826fb939fcbb70a
- SHA512
  
  803be669b70fb03df24929d9e24b7716920795d18e3dc5c475647fb6db4c461b5416d048d9d89cd29755cf0ae20064e946e6eb62cd9c2e8d406dd3e978acd90b
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0FmB0nC9:vj+jsMQMOtEvwDpj5HczerLO04B19
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2