c92406fb0847e8b3cb4d6abaadc60a4bb1416f80a168af602ced9cb1821f496a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-11_3fe86e9fcf6f6d40ee5ba00d8b5ac4d8_cryptolocker
Size

86KB
Sample

240911-f36rvavblr
MD5

3fe86e9fcf6f6d40ee5ba00d8b5ac4d8
SHA1

c6c24cab459902380c77d45edd6257c14192dbba
SHA256

c92406fb0847e8b3cb4d6abaadc60a4bb1416f80a168af602ced9cb1821f496a
SHA512

dced440efd45dff04c193a081db62fa7868e247a7280f5c2b5a5cd0cb60338aca4d6e53ca50463829a05fc35b1a488504faa973ceb373e80cc5f3751e85750b7
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNl6aax:V6a+pOtEvwDpjvp8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-11_3fe86e9fcf6f6d40ee5ba00d8b5ac4d8_cryptolocker
- Size
  
  86KB
- MD5
  
  3fe86e9fcf6f6d40ee5ba00d8b5ac4d8
- SHA1
  
  c6c24cab459902380c77d45edd6257c14192dbba
- SHA256
  
  c92406fb0847e8b3cb4d6abaadc60a4bb1416f80a168af602ced9cb1821f496a
- SHA512
  
  dced440efd45dff04c193a081db62fa7868e247a7280f5c2b5a5cd0cb60338aca4d6e53ca50463829a05fc35b1a488504faa973ceb373e80cc5f3751e85750b7
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNl6aax:V6a+pOtEvwDpjvp8
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2