d279c8abdd6ef7774c6b2b831f11b403c2dacde6b9e3cb4b0569ac25fb1fd3f8 | Triage

Sharing

General

Target

2025-03-21_ba5062b17ea3a5951e74f391b53ab701_cryptolocker
Size

56KB
Sample

250321-jx9s4ayqy5
MD5

ba5062b17ea3a5951e74f391b53ab701
SHA1

13e94711f5c89a1c9f8b4b1ec6137135d9b5eb30
SHA256

d279c8abdd6ef7774c6b2b831f11b403c2dacde6b9e3cb4b0569ac25fb1fd3f8
SHA512

9c9dd7f7bbc05508e86b1cb32785b3ee3d1382559f3f8307a61d3ca0c54853108c09dca724741b667cce0a9d1f5412c7549241a6968065c65bfb327b805f52f0
SSDEEP

768:bdvJCYOOvbRPDTHgX0fZF+FYFAEF9wZGrwC/gFzpCYV3:bdvJCF+RXgKigACKGB/oFCS3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2025-03-21_ba5062b17ea3a5951e74f391b53ab701_cryptolocker
- Size
  
  56KB
- MD5
  
  ba5062b17ea3a5951e74f391b53ab701
- SHA1
  
  13e94711f5c89a1c9f8b4b1ec6137135d9b5eb30
- SHA256
  
  d279c8abdd6ef7774c6b2b831f11b403c2dacde6b9e3cb4b0569ac25fb1fd3f8
- SHA512
  
  9c9dd7f7bbc05508e86b1cb32785b3ee3d1382559f3f8307a61d3ca0c54853108c09dca724741b667cce0a9d1f5412c7549241a6968065c65bfb327b805f52f0
- SSDEEP
  
  768:bdvJCYOOvbRPDTHgX0fZF+FYFAEF9wZGrwC/gFzpCYV3:bdvJCF+RXgKigACKGB/oFCS3
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2