7bc75d7bf982b40afac99c3fd007573e2ab9fc37967904c9fda92d4cc83d9b5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-09_7d6502d7704c80f00bee5e4b1fde4555_cryptolocker
Size

32KB
Sample

240110-gnfgsagcgr
MD5

7d6502d7704c80f00bee5e4b1fde4555
SHA1

e47133d9ad49ac148f4bc3a82a52852f19f643b9
SHA256

7bc75d7bf982b40afac99c3fd007573e2ab9fc37967904c9fda92d4cc83d9b5c
SHA512

7d880efd16fbbe0e791068d74d2c64544fddf230cda69a4136037d0868220145e9733859b34e771673a45cb3aef779acbc51a4fed654c12b5934d25d88419e5a
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PR+:b/yC4GyNM01GuQMNXw2PSjS2uvdHd98

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-01-09_7d6502d7704c80f00bee5e4b1fde4555_cryptolocker
- Size
  
  32KB
- MD5
  
  7d6502d7704c80f00bee5e4b1fde4555
- SHA1
  
  e47133d9ad49ac148f4bc3a82a52852f19f643b9
- SHA256
  
  7bc75d7bf982b40afac99c3fd007573e2ab9fc37967904c9fda92d4cc83d9b5c
- SHA512
  
  7d880efd16fbbe0e791068d74d2c64544fddf230cda69a4136037d0868220145e9733859b34e771673a45cb3aef779acbc51a4fed654c12b5934d25d88419e5a
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PR+:b/yC4GyNM01GuQMNXw2PSjS2uvdHd98
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2