b0b80493686fad0996dec8a9856e8039e005fe0208dd5f2ec522467601994ae9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-23_e89ecfc29249e1e357e28d9f222f207c_cryptolocker
Size

392KB
Sample

240723-lmm8fsygmd
MD5

e89ecfc29249e1e357e28d9f222f207c
SHA1

cad2742842f15be7adced5f5dc1fd7562174d062
SHA256

b0b80493686fad0996dec8a9856e8039e005fe0208dd5f2ec522467601994ae9
SHA512

8f9da78d5b5a11a8d8031ecb5036e022372c3e01f7e6375d2392cb58eff03e832aa4b561123f1d3d92b1ee5e55563a3befe1639eec7cfbada0fb868cdcd4f10b
SSDEEP

6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXRV:nnOflT/ZFIjBz3xjTxynGUOUhXRV

Score

7^/10

Malware Config

Targets

- Target
  
  2024-07-23_e89ecfc29249e1e357e28d9f222f207c_cryptolocker
- Size
  
  392KB
- MD5
  
  e89ecfc29249e1e357e28d9f222f207c
- SHA1
  
  cad2742842f15be7adced5f5dc1fd7562174d062
- SHA256
  
  b0b80493686fad0996dec8a9856e8039e005fe0208dd5f2ec522467601994ae9
- SHA512
  
  8f9da78d5b5a11a8d8031ecb5036e022372c3e01f7e6375d2392cb58eff03e832aa4b561123f1d3d92b1ee5e55563a3befe1639eec7cfbada0fb868cdcd4f10b
- SSDEEP
  
  6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXRV:nnOflT/ZFIjBz3xjTxynGUOUhXRV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2