6f4bcf4af61ba13ecdb4193b409114d93ce36171cb613c08b152b0260aebd516 | Triage

Sharing

General

Target

2024-09-19_fb64c59d6ae620d37d2154197c7cb801_cryptolocker
Size

81KB
Sample

240919-c41enswhnp
MD5

fb64c59d6ae620d37d2154197c7cb801
SHA1

0a33795711f36ff008d6441914179715ff8a60c7
SHA256

6f4bcf4af61ba13ecdb4193b409114d93ce36171cb613c08b152b0260aebd516
SHA512

54e2cea993213119fbc6dd595fe0aa29f91ebea51f9190d9aa214afa3c13351dcf070b77b8cbabc0522176c9510990601d3a1e5c4bb92545d97f744a059f3593
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMry:TCjsIOtEvwDpj5HE/OUHnSM8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_fb64c59d6ae620d37d2154197c7cb801_cryptolocker
- Size
  
  81KB
- MD5
  
  fb64c59d6ae620d37d2154197c7cb801
- SHA1
  
  0a33795711f36ff008d6441914179715ff8a60c7
- SHA256
  
  6f4bcf4af61ba13ecdb4193b409114d93ce36171cb613c08b152b0260aebd516
- SHA512
  
  54e2cea993213119fbc6dd595fe0aa29f91ebea51f9190d9aa214afa3c13351dcf070b77b8cbabc0522176c9510990601d3a1e5c4bb92545d97f744a059f3593
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMry:TCjsIOtEvwDpj5HE/OUHnSM8
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2