929e21d98fc19e47bf9e2bed9a1d64546a69cc3cd9f9451f8bed86687f2de4ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-10_596ec64f69bc98616e1be6cf3808e127_cryptolocker
Size

146KB
Sample

240111-gjnmlahdg3
MD5

596ec64f69bc98616e1be6cf3808e127
SHA1

c8781d57c20c24edb3f7d6d5f6a4d083e051af13
SHA256

929e21d98fc19e47bf9e2bed9a1d64546a69cc3cd9f9451f8bed86687f2de4ec
SHA512

e257a6a0c93a9265882e725b76713093c43937b87be40f6f359d5f97bb076283d7dac789b591941524079895f5c8f2adb87384ef1bd912dac4c622343b0d7e7d
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFk:V6a+pOtEvwDpjt22w

Score

7^/10

Malware Config

Targets

- Target
  
  2024-01-10_596ec64f69bc98616e1be6cf3808e127_cryptolocker
- Size
  
  146KB
- MD5
  
  596ec64f69bc98616e1be6cf3808e127
- SHA1
  
  c8781d57c20c24edb3f7d6d5f6a4d083e051af13
- SHA256
  
  929e21d98fc19e47bf9e2bed9a1d64546a69cc3cd9f9451f8bed86687f2de4ec
- SHA512
  
  e257a6a0c93a9265882e725b76713093c43937b87be40f6f359d5f97bb076283d7dac789b591941524079895f5c8f2adb87384ef1bd912dac4c622343b0d7e7d
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFk:V6a+pOtEvwDpjt22w
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2