e0654e0dfbf4f18d6ec86dda743f976e7b09fa0c943bdbda57837249ee2ef9a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-21_2b012004f8f84002b5c2709a021537b6_cryptolocker
Size

47KB
Sample

240821-rsfcpatcld
MD5

2b012004f8f84002b5c2709a021537b6
SHA1

671964ab1ed51d8f2af2a8348e3475a4187d56d2
SHA256

e0654e0dfbf4f18d6ec86dda743f976e7b09fa0c943bdbda57837249ee2ef9a0
SHA512

9e37b9db4eb7cc6d6e02a5ec878e4fdde11b9ad6fc83718d2ae2aad6dea2081e188097361113bcf6dd45e59d3171d3288f79d264a9da80d628a3b5809b1bbfbc
SSDEEP

768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMDhkJI:6j+1NMOtEvwDpjrRraJI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-21_2b012004f8f84002b5c2709a021537b6_cryptolocker
- Size
  
  47KB
- MD5
  
  2b012004f8f84002b5c2709a021537b6
- SHA1
  
  671964ab1ed51d8f2af2a8348e3475a4187d56d2
- SHA256
  
  e0654e0dfbf4f18d6ec86dda743f976e7b09fa0c943bdbda57837249ee2ef9a0
- SHA512
  
  9e37b9db4eb7cc6d6e02a5ec878e4fdde11b9ad6fc83718d2ae2aad6dea2081e188097361113bcf6dd45e59d3171d3288f79d264a9da80d628a3b5809b1bbfbc
- SSDEEP
  
  768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMDhkJI:6j+1NMOtEvwDpjrRraJI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2