b2ee13dfd158d8c7c4f4f5bbf87359d79499a22133f43d322f082bb83c46b9bc | Triage

Sharing

General

Target

2024-09-05_bdf5f9c6a0ad424e8b0a16e6672bd5ea_cryptolocker
Size

71KB
Sample

240905-pepyvszhln
MD5

bdf5f9c6a0ad424e8b0a16e6672bd5ea
SHA1

76902baeb876d74b1e567382a2f55c3edc07ffc4
SHA256

b2ee13dfd158d8c7c4f4f5bbf87359d79499a22133f43d322f082bb83c46b9bc
SHA512

ea77e89c8a367ec34822f406633d86adbe1bf261f9b24e6c42a389a7ddc193a5c8e372deb133448bd71d4ea6e44f74f21aa39e8f1514b3cd6e8dcd3f784c29b6
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/R9:vj+jsMQMOtEvwDpj5HZYTjipvF24F

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-05_bdf5f9c6a0ad424e8b0a16e6672bd5ea_cryptolocker
- Size
  
  71KB
- MD5
  
  bdf5f9c6a0ad424e8b0a16e6672bd5ea
- SHA1
  
  76902baeb876d74b1e567382a2f55c3edc07ffc4
- SHA256
  
  b2ee13dfd158d8c7c4f4f5bbf87359d79499a22133f43d322f082bb83c46b9bc
- SHA512
  
  ea77e89c8a367ec34822f406633d86adbe1bf261f9b24e6c42a389a7ddc193a5c8e372deb133448bd71d4ea6e44f74f21aa39e8f1514b3cd6e8dcd3f784c29b6
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/R9:vj+jsMQMOtEvwDpj5HZYTjipvF24F
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2