ab4c349841a77c3f6184a556e1bba1d810575783f5be76865dd11668dc9ab7ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-06_b2a71a1b0d3cdb9e28535874ced32b9e_cryptolocker
Size

31KB
Sample

240906-em82lavfjl
MD5

b2a71a1b0d3cdb9e28535874ced32b9e
SHA1

7010e9fb63f79d19aee670851ced5c15223eb07c
SHA256

ab4c349841a77c3f6184a556e1bba1d810575783f5be76865dd11668dc9ab7ad
SHA512

0825b517d46a0f77915137d9481c675ab8e541f92a0392da91b43f6abebea949d45374a4dc92fdd637e61382b8f523cc90f8be823fdfaf1e35940e5f65bd4bab
SSDEEP

768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGbNAKSjNfS:o1KhxqwtdgI2MyzNORQtOflIwoHNV2Xj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-06_b2a71a1b0d3cdb9e28535874ced32b9e_cryptolocker
- Size
  
  31KB
- MD5
  
  b2a71a1b0d3cdb9e28535874ced32b9e
- SHA1
  
  7010e9fb63f79d19aee670851ced5c15223eb07c
- SHA256
  
  ab4c349841a77c3f6184a556e1bba1d810575783f5be76865dd11668dc9ab7ad
- SHA512
  
  0825b517d46a0f77915137d9481c675ab8e541f92a0392da91b43f6abebea949d45374a4dc92fdd637e61382b8f523cc90f8be823fdfaf1e35940e5f65bd4bab
- SSDEEP
  
  768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGbNAKSjNfS:o1KhxqwtdgI2MyzNORQtOflIwoHNV2Xj
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2