9100f69eb1ef793d1c049409187e92924ab41dbf208e000100a239d088d7e43c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-08_aa54dca49e63d5b10bf1bd83a44db5c2_cryptolocker
Size

40KB
Sample

240908-dk8glssanm
MD5

aa54dca49e63d5b10bf1bd83a44db5c2
SHA1

21a0e856bdd6076c1ebb49b3f4a78c00b420874f
SHA256

9100f69eb1ef793d1c049409187e92924ab41dbf208e000100a239d088d7e43c
SHA512

845338b6ec35ca1e43cf7fe54339592a2a4684212e514cbe852030e3a160e22c6d16a2f0b15425ef15cc9e7e5eb9849c081556d5e175d919ca077083c62f1d32
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFCw0xM:X6QFElP6n+gJQMOtEvwDpjBmzDU5xM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-08_aa54dca49e63d5b10bf1bd83a44db5c2_cryptolocker
- Size
  
  40KB
- MD5
  
  aa54dca49e63d5b10bf1bd83a44db5c2
- SHA1
  
  21a0e856bdd6076c1ebb49b3f4a78c00b420874f
- SHA256
  
  9100f69eb1ef793d1c049409187e92924ab41dbf208e000100a239d088d7e43c
- SHA512
  
  845338b6ec35ca1e43cf7fe54339592a2a4684212e514cbe852030e3a160e22c6d16a2f0b15425ef15cc9e7e5eb9849c081556d5e175d919ca077083c62f1d32
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFCw0xM:X6QFElP6n+gJQMOtEvwDpjBmzDU5xM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2