ca9d2e2ff7f593af66b8daed91017676a5217d565727af0a757b81e44aae5711 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-25_a576ec355daf18bb293ef62b9e856fa1_cryptolocker
Size

41KB
Sample

240825-hmnbns1arc
MD5

a576ec355daf18bb293ef62b9e856fa1
SHA1

e87ce617cdd48d9dfd9150419a26fffd3e75945d
SHA256

ca9d2e2ff7f593af66b8daed91017676a5217d565727af0a757b81e44aae5711
SHA512

9ec6b1ebcda46347fe24fcf6327e267b3e5d951915d2e6419ca7cbbb0ba30598bbbdbb784f9a46b008c2836a3fba6353eed21bf0034b109f78000561ba8cbeb7
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuD+8:ZzFbxmLPWQMOtEvwDpjLeJAsKc5

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-25_a576ec355daf18bb293ef62b9e856fa1_cryptolocker
- Size
  
  41KB
- MD5
  
  a576ec355daf18bb293ef62b9e856fa1
- SHA1
  
  e87ce617cdd48d9dfd9150419a26fffd3e75945d
- SHA256
  
  ca9d2e2ff7f593af66b8daed91017676a5217d565727af0a757b81e44aae5711
- SHA512
  
  9ec6b1ebcda46347fe24fcf6327e267b3e5d951915d2e6419ca7cbbb0ba30598bbbdbb784f9a46b008c2836a3fba6353eed21bf0034b109f78000561ba8cbeb7
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuD+8:ZzFbxmLPWQMOtEvwDpjLeJAsKc5
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2