f0c1017ee142ac048daa9588037919a867c22a7661fd2d0f9661c822ffb5ed6e | Triage

Sharing

General

Target

2024-11-21_e2cbcc5893fd9be52e4ff766a58a89ff_cryptolocker
Size

73KB
Sample

241121-jncr1azmfs
MD5

e2cbcc5893fd9be52e4ff766a58a89ff
SHA1

cd2e4af89c0674d8512e51bab63f9f10c50226e6
SHA256

f0c1017ee142ac048daa9588037919a867c22a7661fd2d0f9661c822ffb5ed6e
SHA512

65a4889a4e162019158ce67ce60900751e9d64c2db0c2e3c0f1d7c01773ff822201992dc782e3ba342cf50c6e48697f80321ee091628718919fea6f91f6f0f9c
SSDEEP

1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUNZOp:DW60sllyWOtEvwDpjwF85a

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_e2cbcc5893fd9be52e4ff766a58a89ff_cryptolocker
- Size
  
  73KB
- MD5
  
  e2cbcc5893fd9be52e4ff766a58a89ff
- SHA1
  
  cd2e4af89c0674d8512e51bab63f9f10c50226e6
- SHA256
  
  f0c1017ee142ac048daa9588037919a867c22a7661fd2d0f9661c822ffb5ed6e
- SHA512
  
  65a4889a4e162019158ce67ce60900751e9d64c2db0c2e3c0f1d7c01773ff822201992dc782e3ba342cf50c6e48697f80321ee091628718919fea6f91f6f0f9c
- SSDEEP
  
  1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUNZOp:DW60sllyWOtEvwDpjwF85a
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2