fab12d56c52760ecfcc66bf04cd4de600d94e3d2e8a746d685cfba7ea1051e19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-09_b6b583fef98ca7fab80c9a15b1db5d5b_cryptolocker
Size

32KB
Sample

240909-d7xzdssepc
MD5

b6b583fef98ca7fab80c9a15b1db5d5b
SHA1

553aad4a3ab8e8bd3dbd9c0bb612a46a1fcd82aa
SHA256

fab12d56c52760ecfcc66bf04cd4de600d94e3d2e8a746d685cfba7ea1051e19
SHA512

c8f26f322d10162fde2cb27b61d947f3b4364df8cc6ee2d074623bd051998817a2e018d0f9e2a5bec3d670f51b995ad4a6666d8f23fa8b9e90b3955bc62ed24a
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3vdo8:bAvJCYOOvbRPDEgXRcJB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-09_b6b583fef98ca7fab80c9a15b1db5d5b_cryptolocker
- Size
  
  32KB
- MD5
  
  b6b583fef98ca7fab80c9a15b1db5d5b
- SHA1
  
  553aad4a3ab8e8bd3dbd9c0bb612a46a1fcd82aa
- SHA256
  
  fab12d56c52760ecfcc66bf04cd4de600d94e3d2e8a746d685cfba7ea1051e19
- SHA512
  
  c8f26f322d10162fde2cb27b61d947f3b4364df8cc6ee2d074623bd051998817a2e018d0f9e2a5bec3d670f51b995ad4a6666d8f23fa8b9e90b3955bc62ed24a
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3vdo8:bAvJCYOOvbRPDEgXRcJB
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2