27f818ecf4e0d31d181ff40335c2dd92a64da65c7bde32eea8ee4db15be9e567 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20240521a6838e06850ae4a996c20615d19f9bfacryptolocker.exe
Size

44KB
Sample

240522-w8b3escb6v
MD5

a6838e06850ae4a996c20615d19f9bfa
SHA1

ce290823ac915f32f2182f8d7e4e7c7d7ad1290b
SHA256

27f818ecf4e0d31d181ff40335c2dd92a64da65c7bde32eea8ee4db15be9e567
SHA512

98357cb80cb4c0d711a4b476b890a66bf34a293752d033da9fdcd081629caac0544dab2418cb501f9dc52db04cf1db12a2dd449459256bbb859cc7dc2e6e2bab
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAe:b/pYayGig5HjS3NPAe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  20240521a6838e06850ae4a996c20615d19f9bfacryptolocker.exe
- Size
  
  44KB
- MD5
  
  a6838e06850ae4a996c20615d19f9bfa
- SHA1
  
  ce290823ac915f32f2182f8d7e4e7c7d7ad1290b
- SHA256
  
  27f818ecf4e0d31d181ff40335c2dd92a64da65c7bde32eea8ee4db15be9e567
- SHA512
  
  98357cb80cb4c0d711a4b476b890a66bf34a293752d033da9fdcd081629caac0544dab2418cb501f9dc52db04cf1db12a2dd449459256bbb859cc7dc2e6e2bab
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAe:b/pYayGig5HjS3NPAe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2