79079c048e65d6f83a8d5bcaf8196a94f0a024704ec93aaf3c36fd9d267c1801 | Triage

Sharing

General

Target

2024-09-19_d8fc97795a9cf6dc192b1cd4507db15e_cryptolocker
Size

45KB
Sample

240919-haqahavhmn
MD5

d8fc97795a9cf6dc192b1cd4507db15e
SHA1

62d3df4729c440b8d6a7a3e8e9408e729522e2fc
SHA256

79079c048e65d6f83a8d5bcaf8196a94f0a024704ec93aaf3c36fd9d267c1801
SHA512

eb3f750c3301c600a110719d2a9134d798911d17bf58eea6d46db1ff30a65d7d12eb466ad10f86e366d1ad9223ef5984542f1cfb2a2ae5ed4ea5e8cfc7e6ba55
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldfw:xj+VGMOtEvwDpjk/fw

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_d8fc97795a9cf6dc192b1cd4507db15e_cryptolocker
- Size
  
  45KB
- MD5
  
  d8fc97795a9cf6dc192b1cd4507db15e
- SHA1
  
  62d3df4729c440b8d6a7a3e8e9408e729522e2fc
- SHA256
  
  79079c048e65d6f83a8d5bcaf8196a94f0a024704ec93aaf3c36fd9d267c1801
- SHA512
  
  eb3f750c3301c600a110719d2a9134d798911d17bf58eea6d46db1ff30a65d7d12eb466ad10f86e366d1ad9223ef5984542f1cfb2a2ae5ed4ea5e8cfc7e6ba55
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldfw:xj+VGMOtEvwDpjk/fw
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2