00d9e773d5147aa0691263b5d89ae9b8ed8fbb6079555c37d1906a508e0eee58 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-09_78079d771a51a70641295e470253b06f_cryptolocker
Size

39KB
Sample

240909-gfpeqawhnf
MD5

78079d771a51a70641295e470253b06f
SHA1

39a92cdef89ad15373104279fcd0289b4ca0d158
SHA256

00d9e773d5147aa0691263b5d89ae9b8ed8fbb6079555c37d1906a508e0eee58
SHA512

2ac34aacc3501739cbb380726be544ef801dce2852526443e3b602c4a408ac09c77168dc261b2aa5d7581e5867edcfa561e58b5418b26eb54b5f0955d74caf9d
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4ql:fT+hsMQMOtEvwDpjoIHe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-09_78079d771a51a70641295e470253b06f_cryptolocker
- Size
  
  39KB
- MD5
  
  78079d771a51a70641295e470253b06f
- SHA1
  
  39a92cdef89ad15373104279fcd0289b4ca0d158
- SHA256
  
  00d9e773d5147aa0691263b5d89ae9b8ed8fbb6079555c37d1906a508e0eee58
- SHA512
  
  2ac34aacc3501739cbb380726be544ef801dce2852526443e3b602c4a408ac09c77168dc261b2aa5d7581e5867edcfa561e58b5418b26eb54b5f0955d74caf9d
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4ql:fT+hsMQMOtEvwDpjoIHe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2