f90edd007d37a966c0388545dc76e71ad7a514b95852064702e29899afd04278 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-08_2bd4d73832f87ef2133fb1e459d4d43c_cryptolocker
Size

42KB
Sample

240109-hd8k9abfgj
MD5

2bd4d73832f87ef2133fb1e459d4d43c
SHA1

75eb8b0ba74143f1dfa8ff1b41f3e1a01a5ea048
SHA256

f90edd007d37a966c0388545dc76e71ad7a514b95852064702e29899afd04278
SHA512

064de27992caf57c9b228ba9ad8d25b8e6dc60c9b4b78dbb8e8fac804605a9960d8e4a90d5c331bd450b6999c45fa4ebd424bf2e2beb5f0ad4c45781cef8082f
SSDEEP

768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6j4AYsqSh+DETkedm+YUw:YGzl5wjRQBBOsP1QMOtEvwDpjl39+D+G

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-08_2bd4d73832f87ef2133fb1e459d4d43c_cryptolocker
- Size
  
  42KB
- MD5
  
  2bd4d73832f87ef2133fb1e459d4d43c
- SHA1
  
  75eb8b0ba74143f1dfa8ff1b41f3e1a01a5ea048
- SHA256
  
  f90edd007d37a966c0388545dc76e71ad7a514b95852064702e29899afd04278
- SHA512
  
  064de27992caf57c9b228ba9ad8d25b8e6dc60c9b4b78dbb8e8fac804605a9960d8e4a90d5c331bd450b6999c45fa4ebd424bf2e2beb5f0ad4c45781cef8082f
- SSDEEP
  
  768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6j4AYsqSh+DETkedm+YUw:YGzl5wjRQBBOsP1QMOtEvwDpjl39+D+G
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2