63386e099ec4e9fd1f4a24677be86979bf95ab248f522dc72cd8b3db92a94e09 | Triage

Sharing

General

Target

2024-11-21_c03b3eacb8676f75ec30a08e6a235a87_cryptolocker
Size

71KB
Sample

241121-jjarvazapb
MD5

c03b3eacb8676f75ec30a08e6a235a87
SHA1

30e3181ae25b2ac9975a900acf4713cfbbefb3d9
SHA256

63386e099ec4e9fd1f4a24677be86979bf95ab248f522dc72cd8b3db92a94e09
SHA512

3594fa0454dc757a93708a0420d1829915f6438f9d6f25de468b9a43de4bcf543c037cda66991a117a2f85444d5d636781d5e5d42870dd98a971584efeb38b28
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/d3v:i5nkFGMOtEvwDpjNbwQEI8UZDV

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_c03b3eacb8676f75ec30a08e6a235a87_cryptolocker
- Size
  
  71KB
- MD5
  
  c03b3eacb8676f75ec30a08e6a235a87
- SHA1
  
  30e3181ae25b2ac9975a900acf4713cfbbefb3d9
- SHA256
  
  63386e099ec4e9fd1f4a24677be86979bf95ab248f522dc72cd8b3db92a94e09
- SHA512
  
  3594fa0454dc757a93708a0420d1829915f6438f9d6f25de468b9a43de4bcf543c037cda66991a117a2f85444d5d636781d5e5d42870dd98a971584efeb38b28
- SSDEEP
  
  768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/d3v:i5nkFGMOtEvwDpjNbwQEI8UZDV
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2