e5840dbafbaffa0084a949d7a148df6e12dfdbef7ed84ad095ccd5e0a354e9ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-12_63a7cda21becae6c5702624a9eec57ed_cryptolocker
Size

77KB
Sample

240912-hfmrkawekd
MD5

63a7cda21becae6c5702624a9eec57ed
SHA1

77015f9628ecc993c978b70192f043048afb353f
SHA256

e5840dbafbaffa0084a949d7a148df6e12dfdbef7ed84ad095ccd5e0a354e9ac
SHA512

b701550b47dd9a1b7e47a326127e01eec0b42d1b7692fc894bc0dc3229e8b2e2d7534930ad88b799549880f23b256ac42ec9d1d5ec056526976763263a2aac9c
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHs7:X6a+SOtEvwDpjBZYvQd20

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_63a7cda21becae6c5702624a9eec57ed_cryptolocker
- Size
  
  77KB
- MD5
  
  63a7cda21becae6c5702624a9eec57ed
- SHA1
  
  77015f9628ecc993c978b70192f043048afb353f
- SHA256
  
  e5840dbafbaffa0084a949d7a148df6e12dfdbef7ed84ad095ccd5e0a354e9ac
- SHA512
  
  b701550b47dd9a1b7e47a326127e01eec0b42d1b7692fc894bc0dc3229e8b2e2d7534930ad88b799549880f23b256ac42ec9d1d5ec056526976763263a2aac9c
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHs7:X6a+SOtEvwDpjBZYvQd20
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2