507aa5f014d8e9c52ef65d15f0e0b4da9c397a4924f3eadc10d2c52693b12d1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-12_c1b2e75106b20a2b61d680bd213eacf7_cryptolocker
Size

67KB
Sample

240912-dhcxxsxhjm
MD5

c1b2e75106b20a2b61d680bd213eacf7
SHA1

831fb7ad28249303df6e28251d26fdef5ed4a494
SHA256

507aa5f014d8e9c52ef65d15f0e0b4da9c397a4924f3eadc10d2c52693b12d1e
SHA512

1a96f4c4bebb3a8a5ce9c0a67ca37a56e80ef8db741bae13c0f98e1a2bded0da16e195eb69653efa094825e69669a763d2acc1f76b5d9cd434a055f0aaee3208
SSDEEP

1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsijk:BbdDmjr+OtEvwDpjM8B

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_c1b2e75106b20a2b61d680bd213eacf7_cryptolocker
- Size
  
  67KB
- MD5
  
  c1b2e75106b20a2b61d680bd213eacf7
- SHA1
  
  831fb7ad28249303df6e28251d26fdef5ed4a494
- SHA256
  
  507aa5f014d8e9c52ef65d15f0e0b4da9c397a4924f3eadc10d2c52693b12d1e
- SHA512
  
  1a96f4c4bebb3a8a5ce9c0a67ca37a56e80ef8db741bae13c0f98e1a2bded0da16e195eb69653efa094825e69669a763d2acc1f76b5d9cd434a055f0aaee3208
- SSDEEP
  
  1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsijk:BbdDmjr+OtEvwDpjM8B
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2