9ef8c1899bdd574ecf8552de8a99120d896ee2d3f05ec813454403d6447fa092 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-04_f216dace1088acce784a7d5b48ed86ac_cryptolocker
Size

43KB
Sample

240904-yf95vsvfnp
MD5

f216dace1088acce784a7d5b48ed86ac
SHA1

49ca637a34442cdbf45f7530143794da73e6e55f
SHA256

9ef8c1899bdd574ecf8552de8a99120d896ee2d3f05ec813454403d6447fa092
SHA512

450a00e26ad9f04bb141067d35a9e240d8d3c3de5047882ce7b244164931f431e82b5c88720fdc50f658ff94c50b2875419c4f49accd1ef9a530ba3058c34a5b
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaac4HK/wSvuQTCyD/95C:X6QFElP6n+gJQMOtEvwDpjBsYK/fbDFI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-04_f216dace1088acce784a7d5b48ed86ac_cryptolocker
- Size
  
  43KB
- MD5
  
  f216dace1088acce784a7d5b48ed86ac
- SHA1
  
  49ca637a34442cdbf45f7530143794da73e6e55f
- SHA256
  
  9ef8c1899bdd574ecf8552de8a99120d896ee2d3f05ec813454403d6447fa092
- SHA512
  
  450a00e26ad9f04bb141067d35a9e240d8d3c3de5047882ce7b244164931f431e82b5c88720fdc50f658ff94c50b2875419c4f49accd1ef9a530ba3058c34a5b
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaac4HK/wSvuQTCyD/95C:X6QFElP6n+gJQMOtEvwDpjBsYK/fbDFI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2