e9aa046ed66ba371e35c9337a12c53c655d3cf54578e357dd257a45122ccc6a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-12_c825ec56e94e8e599ed3ed6bc483a850_cryptolocker
Size

76KB
Sample

240912-hkvb7swgkg
MD5

c825ec56e94e8e599ed3ed6bc483a850
SHA1

b4c1a6a8c0d67048840bb91a9b8755e19d525b31
SHA256

e9aa046ed66ba371e35c9337a12c53c655d3cf54578e357dd257a45122ccc6a1
SHA512

bb65b52eda6c14b3191754dd7febfafbe6915d7f4f6a3045609a92b68ab66f87c24620130f7cf672b8d0b2b508af30937433e970320bc4d00eeaa3678bca0494
SSDEEP

768:u6LsoEEeegiZPvEhHSG+gZgtOOtEvwDpjeY10Y/YMsMXm:u6QFElP6n+gWMOtEvwDpjJGYQb+m

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_c825ec56e94e8e599ed3ed6bc483a850_cryptolocker
- Size
  
  76KB
- MD5
  
  c825ec56e94e8e599ed3ed6bc483a850
- SHA1
  
  b4c1a6a8c0d67048840bb91a9b8755e19d525b31
- SHA256
  
  e9aa046ed66ba371e35c9337a12c53c655d3cf54578e357dd257a45122ccc6a1
- SHA512
  
  bb65b52eda6c14b3191754dd7febfafbe6915d7f4f6a3045609a92b68ab66f87c24620130f7cf672b8d0b2b508af30937433e970320bc4d00eeaa3678bca0494
- SSDEEP
  
  768:u6LsoEEeegiZPvEhHSG+gZgtOOtEvwDpjeY10Y/YMsMXm:u6QFElP6n+gWMOtEvwDpjJGYQb+m
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2