b6ee0be1df0646af782acc6c53d1435dc081e5605f1caf690958aa14b0653743 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-03_e0ec1a3f0b2ceb49acff737ba2c17d33_cryptolocker
Size

86KB
Sample

240903-t5g36asdrb
MD5

e0ec1a3f0b2ceb49acff737ba2c17d33
SHA1

0384da4ba6ea7b7a37e4add1735d55aa6a23e4fe
SHA256

b6ee0be1df0646af782acc6c53d1435dc081e5605f1caf690958aa14b0653743
SHA512

2ec9ebd3c815d11d6f30deb242f8e8588c837e63464b0cc697c956f5f930ac72a0d049898eda2f382a41567e6f2e2380d2df7f35fc7feef5cd52d2198977e975
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrC+ZH:TCjsIOtEvwDpj5HE/OUHnSMP

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-03_e0ec1a3f0b2ceb49acff737ba2c17d33_cryptolocker
- Size
  
  86KB
- MD5
  
  e0ec1a3f0b2ceb49acff737ba2c17d33
- SHA1
  
  0384da4ba6ea7b7a37e4add1735d55aa6a23e4fe
- SHA256
  
  b6ee0be1df0646af782acc6c53d1435dc081e5605f1caf690958aa14b0653743
- SHA512
  
  2ec9ebd3c815d11d6f30deb242f8e8588c837e63464b0cc697c956f5f930ac72a0d049898eda2f382a41567e6f2e2380d2df7f35fc7feef5cd52d2198977e975
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrC+ZH:TCjsIOtEvwDpj5HE/OUHnSMP
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2