e6dd2890e885800d668807ec87f3c2f2628b36ecda56b245bd1b02ac2b84a958 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-26_26616452340b1e82c3dff57f4c593032_cryptolocker
Size

79KB
Sample

240726-kmeewaxdmk
MD5

26616452340b1e82c3dff57f4c593032
SHA1

f1e37f68bd07e024c94d0988afe359b24be442b0
SHA256

e6dd2890e885800d668807ec87f3c2f2628b36ecda56b245bd1b02ac2b84a958
SHA512

4844516e798d7f1e2859c85d19eae763e675f24779420f2d1c25a409bf78f199a22659ea267b472df02956fe75271f9607e59de6511b99fb754e50f30974304f
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHsoLktNP:X6a+SOtEvwDpjBZYvQd2I

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-07-26_26616452340b1e82c3dff57f4c593032_cryptolocker
- Size
  
  79KB
- MD5
  
  26616452340b1e82c3dff57f4c593032
- SHA1
  
  f1e37f68bd07e024c94d0988afe359b24be442b0
- SHA256
  
  e6dd2890e885800d668807ec87f3c2f2628b36ecda56b245bd1b02ac2b84a958
- SHA512
  
  4844516e798d7f1e2859c85d19eae763e675f24779420f2d1c25a409bf78f199a22659ea267b472df02956fe75271f9607e59de6511b99fb754e50f30974304f
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHsoLktNP:X6a+SOtEvwDpjBZYvQd2I
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2