892940e9d5eb9dd79757c4db0f8c29b4646d118ef3e9f96f7c33d7858e32b7d9 | Triage

Sharing

General

Target

2024-09-05_9bd3eb40b9891a71371e7f6747c0f0e6_cryptolocker
Size

32KB
Sample

240905-pddjfa1eld
MD5

9bd3eb40b9891a71371e7f6747c0f0e6
SHA1

6daf93f6f80ed7e0e92ba9ddf8efc7ad93b9c159
SHA256

892940e9d5eb9dd79757c4db0f8c29b4646d118ef3e9f96f7c33d7858e32b7d9
SHA512

77153d9a07dc6711f97d948f9de25496ea45a4a1b64db4b707ca3a87a52962198d355611e2f5d08b604e2c3475d5ac3e8e9bfdc5e27f9ce096d2ffbe5bdfe190
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3vdoe:bAvJCYOOvbRPDEgXRcJX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-05_9bd3eb40b9891a71371e7f6747c0f0e6_cryptolocker
- Size
  
  32KB
- MD5
  
  9bd3eb40b9891a71371e7f6747c0f0e6
- SHA1
  
  6daf93f6f80ed7e0e92ba9ddf8efc7ad93b9c159
- SHA256
  
  892940e9d5eb9dd79757c4db0f8c29b4646d118ef3e9f96f7c33d7858e32b7d9
- SHA512
  
  77153d9a07dc6711f97d948f9de25496ea45a4a1b64db4b707ca3a87a52962198d355611e2f5d08b604e2c3475d5ac3e8e9bfdc5e27f9ce096d2ffbe5bdfe190
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3vdoe:bAvJCYOOvbRPDEgXRcJX
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2