f662db08c688f22a4f3dd0106a85b85d79d5cea86fc89279286a7c0197f04024 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-09_2164b962b20d2f831a27517d9310b0fe_cryptolocker
Size

52KB
Sample

240809-jx5t5sybjl
MD5

2164b962b20d2f831a27517d9310b0fe
SHA1

ea7a3e72a226f1af14487025fc7d7f6b9ca5cbb2
SHA256

f662db08c688f22a4f3dd0106a85b85d79d5cea86fc89279286a7c0197f04024
SHA512

92f3aef93f9d9165aed56732c626a00be39b37b95bf4bc84a1cf84a6ac23872cb65d0a428aacbce56a5bb3973ebd41ac98d7db684790ca3dacb1152fb63957e6
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjyaLccCKdulcA:V6a+pOtEvwDpjv9A

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-09_2164b962b20d2f831a27517d9310b0fe_cryptolocker
- Size
  
  52KB
- MD5
  
  2164b962b20d2f831a27517d9310b0fe
- SHA1
  
  ea7a3e72a226f1af14487025fc7d7f6b9ca5cbb2
- SHA256
  
  f662db08c688f22a4f3dd0106a85b85d79d5cea86fc89279286a7c0197f04024
- SHA512
  
  92f3aef93f9d9165aed56732c626a00be39b37b95bf4bc84a1cf84a6ac23872cb65d0a428aacbce56a5bb3973ebd41ac98d7db684790ca3dacb1152fb63957e6
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjyaLccCKdulcA:V6a+pOtEvwDpjv9A
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2