0961422cef0d36ead18c9a4d79db026bcb04d5179187952d92bd3ce8f7f99e13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-11_302e665dbbdc3873522e3903eb8dc9fc_cryptolocker
Size

77KB
Sample

240911-f33eesvblm
MD5

302e665dbbdc3873522e3903eb8dc9fc
SHA1

96b0b0d87fc1707ac20fbfdfce293bcb6c8aacc5
SHA256

0961422cef0d36ead18c9a4d79db026bcb04d5179187952d92bd3ce8f7f99e13
SHA512

e02fbd4e000447207de1cffb416400734e4173a9d6bef187fed989d3c48751fc19dd49cc17cec210544c6db47f7ff4981a498a6d45783b18169638ec59dd8778
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHsKk:X6a+SOtEvwDpjBZYvQd2k

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-11_302e665dbbdc3873522e3903eb8dc9fc_cryptolocker
- Size
  
  77KB
- MD5
  
  302e665dbbdc3873522e3903eb8dc9fc
- SHA1
  
  96b0b0d87fc1707ac20fbfdfce293bcb6c8aacc5
- SHA256
  
  0961422cef0d36ead18c9a4d79db026bcb04d5179187952d92bd3ce8f7f99e13
- SHA512
  
  e02fbd4e000447207de1cffb416400734e4173a9d6bef187fed989d3c48751fc19dd49cc17cec210544c6db47f7ff4981a498a6d45783b18169638ec59dd8778
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHsKk:X6a+SOtEvwDpjBZYvQd2k
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2