196b057985168ccede6b14acf37365001a69b7f423d9c743de6da9591b7f7089 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-06_5a63bca2d4d0d923c0ca79aa26278255_cryptolocker
Size

50KB
Sample

240906-w3x3ps1glm
MD5

5a63bca2d4d0d923c0ca79aa26278255
SHA1

f0c7481e49af66b72d02fe2659df25d18dd623e5
SHA256

196b057985168ccede6b14acf37365001a69b7f423d9c743de6da9591b7f7089
SHA512

0dc7d80283fb326577f2a04647a9ae2f1f0c82b0afffc13929e316f7d0916841db4ea78198b2b9c504edd463f91a73b58e25402ac5fcfea51ee9de82e4f4a8b3
SSDEEP

768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/DpkcAYbq:P6Q0ElP6G+gJQMOtEvwDpjB8WMlf/+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-06_5a63bca2d4d0d923c0ca79aa26278255_cryptolocker
- Size
  
  50KB
- MD5
  
  5a63bca2d4d0d923c0ca79aa26278255
- SHA1
  
  f0c7481e49af66b72d02fe2659df25d18dd623e5
- SHA256
  
  196b057985168ccede6b14acf37365001a69b7f423d9c743de6da9591b7f7089
- SHA512
  
  0dc7d80283fb326577f2a04647a9ae2f1f0c82b0afffc13929e316f7d0916841db4ea78198b2b9c504edd463f91a73b58e25402ac5fcfea51ee9de82e4f4a8b3
- SSDEEP
  
  768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/DpkcAYbq:P6Q0ElP6G+gJQMOtEvwDpjB8WMlf/+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2