5f0b9d61cae1646c9dc683da88a53af415aeb525a46091f158b434ee630f2b9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-11_20c4d49d3be01cef50291675b2bafd5a_cryptolocker
Size

39KB
Sample

240911-qm3elashkb
MD5

20c4d49d3be01cef50291675b2bafd5a
SHA1

ec4c930414d99d598f4e986a150de65cc6e32683
SHA256

5f0b9d61cae1646c9dc683da88a53af415aeb525a46091f158b434ee630f2b9d
SHA512

4cff48f08c18cc4453cf263b66bd162fb44806221012886e1d36d5362d5085d0681d3c18c40c312158e8aba0b64198895e7dbbbe6b2325f76c275cec24ce17ae
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunRSy3L/:btB9g/WItCSsAGjX7e9N0hunRvL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-11_20c4d49d3be01cef50291675b2bafd5a_cryptolocker
- Size
  
  39KB
- MD5
  
  20c4d49d3be01cef50291675b2bafd5a
- SHA1
  
  ec4c930414d99d598f4e986a150de65cc6e32683
- SHA256
  
  5f0b9d61cae1646c9dc683da88a53af415aeb525a46091f158b434ee630f2b9d
- SHA512
  
  4cff48f08c18cc4453cf263b66bd162fb44806221012886e1d36d5362d5085d0681d3c18c40c312158e8aba0b64198895e7dbbbe6b2325f76c275cec24ce17ae
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunRSy3L/:btB9g/WItCSsAGjX7e9N0hunRvL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2