0d81ebe8a460a5848597c5bbe49ccd0394e8fe958d4567cffbfc85f69e3ddff6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-06_7e1c11f52adc8cdec1e9680252068025_cryptolocker
Size

48KB
Sample

240906-h9lflatcrr
MD5

7e1c11f52adc8cdec1e9680252068025
SHA1

4e84be24aa00da44dcf787881b38b6ee74984e9f
SHA256

0d81ebe8a460a5848597c5bbe49ccd0394e8fe958d4567cffbfc85f69e3ddff6
SHA512

8e0ed7df8ffb292f16340c05472b9fea0eefe99f11404eae8a5a15619c58c3a8aeeac1acef274888f83714698a28df730a00e4ac23a4bb17e9e6ef577477679d
SSDEEP

768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YOzzfm0EXsiEf:V6QFElP6n+gMQMOtEvwDpjyaYaFAh390

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-06_7e1c11f52adc8cdec1e9680252068025_cryptolocker
- Size
  
  48KB
- MD5
  
  7e1c11f52adc8cdec1e9680252068025
- SHA1
  
  4e84be24aa00da44dcf787881b38b6ee74984e9f
- SHA256
  
  0d81ebe8a460a5848597c5bbe49ccd0394e8fe958d4567cffbfc85f69e3ddff6
- SHA512
  
  8e0ed7df8ffb292f16340c05472b9fea0eefe99f11404eae8a5a15619c58c3a8aeeac1acef274888f83714698a28df730a00e4ac23a4bb17e9e6ef577477679d
- SSDEEP
  
  768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YOzzfm0EXsiEf:V6QFElP6n+gMQMOtEvwDpjyaYaFAh390
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2