d3cfd8fb0b36d983f157ddbc935886288b1257372a5da97f16bf658d013187a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-25_8bd5f712466992672e58f466330a67ae_cryptolocker
Size

55KB
Sample

240825-hkdpfszhme
MD5

8bd5f712466992672e58f466330a67ae
SHA1

3f0eae7e00588bff2955bf1dbc14bfd16ed9177f
SHA256

d3cfd8fb0b36d983f157ddbc935886288b1257372a5da97f16bf658d013187a7
SHA512

c6279803dd3cf5c70d871e0c284a6850ba567b46ec403a4f874aa2ae2ccd4414da458b47b6d49ed4dee9c7cdbf4085f2dd4344600b37d1ae6ee91dab8dde4a37
SSDEEP

768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKIRszDr6KAti:79mqyNhQMOtEvwDpjBxe8TpXRSDeKD

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-25_8bd5f712466992672e58f466330a67ae_cryptolocker
- Size
  
  55KB
- MD5
  
  8bd5f712466992672e58f466330a67ae
- SHA1
  
  3f0eae7e00588bff2955bf1dbc14bfd16ed9177f
- SHA256
  
  d3cfd8fb0b36d983f157ddbc935886288b1257372a5da97f16bf658d013187a7
- SHA512
  
  c6279803dd3cf5c70d871e0c284a6850ba567b46ec403a4f874aa2ae2ccd4414da458b47b6d49ed4dee9c7cdbf4085f2dd4344600b37d1ae6ee91dab8dde4a37
- SSDEEP
  
  768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKIRszDr6KAti:79mqyNhQMOtEvwDpjBxe8TpXRSDeKD
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2