4018e75be60acefac3e57e32c978f14f3637fdb1f1da6edf798ce423ca2d70a0 | Triage

Sharing

General

Target

2024-11-21_f634b76e3b7e399bb0d149d945a41e88_cryptolocker
Size

73KB
Sample

241121-jjlt4szmbs
MD5

f634b76e3b7e399bb0d149d945a41e88
SHA1

50678c49232ee774f54865baf7b75f3de33de19e
SHA256

4018e75be60acefac3e57e32c978f14f3637fdb1f1da6edf798ce423ca2d70a0
SHA512

07c7284c1bf3eb610c4411e6635fe6827cdedde25abb0fb3005bbe2bff70418fffaf7137ad172e398987ff03336f8fdb5cfc91c15059f4ee71074d2796e542db
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rx:vj+jsMQMOtEvwDpj5HZYTjipvF24p

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_f634b76e3b7e399bb0d149d945a41e88_cryptolocker
- Size
  
  73KB
- MD5
  
  f634b76e3b7e399bb0d149d945a41e88
- SHA1
  
  50678c49232ee774f54865baf7b75f3de33de19e
- SHA256
  
  4018e75be60acefac3e57e32c978f14f3637fdb1f1da6edf798ce423ca2d70a0
- SHA512
  
  07c7284c1bf3eb610c4411e6635fe6827cdedde25abb0fb3005bbe2bff70418fffaf7137ad172e398987ff03336f8fdb5cfc91c15059f4ee71074d2796e542db
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Rx:vj+jsMQMOtEvwDpj5HZYTjipvF24p
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2