6fbeaf8c2148da058c61cd64612202444318cdcd80718a9f2c292270c1cb6ece | Triage

Sharing

General

Target

2024-09-19_8b0f3cf2eb1c4df8df083e1ac585b1cc_cryptolocker
Size

43KB
Sample

240919-f7tcbatbpq
MD5

8b0f3cf2eb1c4df8df083e1ac585b1cc
SHA1

d4014bb3da4a23518d14924faa3d586be88ec1c2
SHA256

6fbeaf8c2148da058c61cd64612202444318cdcd80718a9f2c292270c1cb6ece
SHA512

14dd3d958c6d37a20269afa166cf1cf39da74f80c76587afa85c8ca3f6e006f40314309508eb9e40f059b3633b10139f523a4ce2c9848a04c858bab39d773592
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAL:b/pYayGig5HjS3NPAL

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_8b0f3cf2eb1c4df8df083e1ac585b1cc_cryptolocker
- Size
  
  43KB
- MD5
  
  8b0f3cf2eb1c4df8df083e1ac585b1cc
- SHA1
  
  d4014bb3da4a23518d14924faa3d586be88ec1c2
- SHA256
  
  6fbeaf8c2148da058c61cd64612202444318cdcd80718a9f2c292270c1cb6ece
- SHA512
  
  14dd3d958c6d37a20269afa166cf1cf39da74f80c76587afa85c8ca3f6e006f40314309508eb9e40f059b3633b10139f523a4ce2c9848a04c858bab39d773592
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAL:b/pYayGig5HjS3NPAL
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2