b92bbe017ad1e377835c30bc3cbb0b36497c62537d70dadec209b400d9838488 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-12_9e5efdc6eb6529fd2c0fd0720afc76c2_cryptolocker
Size

47KB
Sample

240912-rpw62aydmq
MD5

9e5efdc6eb6529fd2c0fd0720afc76c2
SHA1

9dffc8a96467a18e4d1c4325b1a42e71fa505029
SHA256

b92bbe017ad1e377835c30bc3cbb0b36497c62537d70dadec209b400d9838488
SHA512

43bdbffe5842e1a1b03d2731f19a90e2403c4eb28c35a9996fb814f825f2384b977d8bd0988b2470930e1064bcdd4da2dc7a41ee76c809a1bb276e5f2ce8c81c
SSDEEP

768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YOzzfm0EXsJxi:V6QFElP6n+gMQMOtEvwDpjyaYaFAh3mi

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-12_9e5efdc6eb6529fd2c0fd0720afc76c2_cryptolocker
- Size
  
  47KB
- MD5
  
  9e5efdc6eb6529fd2c0fd0720afc76c2
- SHA1
  
  9dffc8a96467a18e4d1c4325b1a42e71fa505029
- SHA256
  
  b92bbe017ad1e377835c30bc3cbb0b36497c62537d70dadec209b400d9838488
- SHA512
  
  43bdbffe5842e1a1b03d2731f19a90e2403c4eb28c35a9996fb814f825f2384b977d8bd0988b2470930e1064bcdd4da2dc7a41ee76c809a1bb276e5f2ce8c81c
- SSDEEP
  
  768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YOzzfm0EXsJxi:V6QFElP6n+gMQMOtEvwDpjyaYaFAh3mi
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2