6b3c5a318deaff72aee35f5af6dcddef40bee0bd093c83e32bded14e8d673029 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-19_477cfe7fd5153b5ecf8da3b25582b284_cryptolocker
Size

46KB
Sample

240819-rqptcasenj
MD5

477cfe7fd5153b5ecf8da3b25582b284
SHA1

f2db0ee4293585315b1934aef8e2263f8b31044c
SHA256

6b3c5a318deaff72aee35f5af6dcddef40bee0bd093c83e32bded14e8d673029
SHA512

25424d720aae6b38c7a68346b8ae7296b741cae35151255167cea19b670dcbdc37e43349d75dd9370476d7b0fa68198fcf6f7dfc326eab3b79b85c3457cba8b7
SSDEEP

384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUknql:bm74zYcgT/EkM0ryfjdnql

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-19_477cfe7fd5153b5ecf8da3b25582b284_cryptolocker
- Size
  
  46KB
- MD5
  
  477cfe7fd5153b5ecf8da3b25582b284
- SHA1
  
  f2db0ee4293585315b1934aef8e2263f8b31044c
- SHA256
  
  6b3c5a318deaff72aee35f5af6dcddef40bee0bd093c83e32bded14e8d673029
- SHA512
  
  25424d720aae6b38c7a68346b8ae7296b741cae35151255167cea19b670dcbdc37e43349d75dd9370476d7b0fa68198fcf6f7dfc326eab3b79b85c3457cba8b7
- SSDEEP
  
  384:bm74uGLLQRcsdeQ72ngEr4K7YmE8jb0nrlwfjDUknql:bm74zYcgT/EkM0ryfjdnql
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2