f031c48b5d2d34c82b238aaaae7c872cc7b83dadb7e7021b1d0add6b240e3bf8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-08_66cfb089f580145be3b4d8b318dafea1_cryptolocker
Size

52KB
Sample

240908-c9eeds1bjk
MD5

66cfb089f580145be3b4d8b318dafea1
SHA1

4d6c7e01bf94b856bb2e64ccbb1dcc4e4fd7ca46
SHA256

f031c48b5d2d34c82b238aaaae7c872cc7b83dadb7e7021b1d0add6b240e3bf8
SHA512

af8761b0a3d3c36bc3dd84bc14c16c286d651421eba7b2a50ac0f3a7ae035eae1bb52d58203233627b5a81ffc0393e3f04f1ec184d04f32410c2a6bab6d6d2c1
SSDEEP

1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1xzpAIXa6gW:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7Q

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-08_66cfb089f580145be3b4d8b318dafea1_cryptolocker
- Size
  
  52KB
- MD5
  
  66cfb089f580145be3b4d8b318dafea1
- SHA1
  
  4d6c7e01bf94b856bb2e64ccbb1dcc4e4fd7ca46
- SHA256
  
  f031c48b5d2d34c82b238aaaae7c872cc7b83dadb7e7021b1d0add6b240e3bf8
- SHA512
  
  af8761b0a3d3c36bc3dd84bc14c16c286d651421eba7b2a50ac0f3a7ae035eae1bb52d58203233627b5a81ffc0393e3f04f1ec184d04f32410c2a6bab6d6d2c1
- SSDEEP
  
  1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1xzpAIXa6gW:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7Q
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2