f8f000d6294302d3bc0756d461a377725d0e1653666e0c498c504b99130cea59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-29_e5c95c139f2117a27861391cbd1ec430_cryptolocker
Size

53KB
Sample

240829-j3rjps1crf
MD5

e5c95c139f2117a27861391cbd1ec430
SHA1

ea543d3e2711e03b0ce71686de1c8f81903e0773
SHA256

f8f000d6294302d3bc0756d461a377725d0e1653666e0c498c504b99130cea59
SHA512

bf3f5af44b8d295f8a1715e27f1c238db0e8465a3ba62ada674918856c8a2dda557da896e189546492d4e1f668766d9f2b2225562e2920c75add43186b6e9a2c
SSDEEP

768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPt547MX:V6QFElP6n+gMQMOtEvwDpjyaLccVCYX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-08-29_e5c95c139f2117a27861391cbd1ec430_cryptolocker
- Size
  
  53KB
- MD5
  
  e5c95c139f2117a27861391cbd1ec430
- SHA1
  
  ea543d3e2711e03b0ce71686de1c8f81903e0773
- SHA256
  
  f8f000d6294302d3bc0756d461a377725d0e1653666e0c498c504b99130cea59
- SHA512
  
  bf3f5af44b8d295f8a1715e27f1c238db0e8465a3ba62ada674918856c8a2dda557da896e189546492d4e1f668766d9f2b2225562e2920c75add43186b6e9a2c
- SSDEEP
  
  768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPt547MX:V6QFElP6n+gMQMOtEvwDpjyaLccVCYX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2