71ac8893f3208d9d16ab145c9fcdea2cc425f844ea60acb68f747e80c2bdf856 | Triage

Sharing

General

Target

2024-09-13_9b3eb5d98f7f8a81d9831708e2c5aafe_cryptolocker
Size

33KB
Sample

240913-rp6qgathlc
MD5

9b3eb5d98f7f8a81d9831708e2c5aafe
SHA1

5e357ddeee594cfc304f6ff85483d12227f4869d
SHA256

71ac8893f3208d9d16ab145c9fcdea2cc425f844ea60acb68f747e80c2bdf856
SHA512

414f4e5e11dd1befbf0609d1982c6ae4ba7db0ab08d1decf6fd3ae3f2701409d4cc736f559aece567b26b1fffae2d71aa3bdc3aa437624b048d697e0064c48b5
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7Qdb:bAvJCYOOvbRPDEgXRcJUdb

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-13_9b3eb5d98f7f8a81d9831708e2c5aafe_cryptolocker
- Size
  
  33KB
- MD5
  
  9b3eb5d98f7f8a81d9831708e2c5aafe
- SHA1
  
  5e357ddeee594cfc304f6ff85483d12227f4869d
- SHA256
  
  71ac8893f3208d9d16ab145c9fcdea2cc425f844ea60acb68f747e80c2bdf856
- SHA512
  
  414f4e5e11dd1befbf0609d1982c6ae4ba7db0ab08d1decf6fd3ae3f2701409d4cc736f559aece567b26b1fffae2d71aa3bdc3aa437624b048d697e0064c48b5
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7Qdb:bAvJCYOOvbRPDEgXRcJUdb
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2