fa87641cf7e309dd9d0bdfd1108b6d98d5a0f3a78e7c60d29733f4aebce0d2e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-19_73fbbd4c7449caa42c20ba78c575aff1_cryptolocker
Size

60KB
Sample

240919-me5yzatcjf
MD5

73fbbd4c7449caa42c20ba78c575aff1
SHA1

481deb1c44088a19c692837cacca10979427d88d
SHA256

fa87641cf7e309dd9d0bdfd1108b6d98d5a0f3a78e7c60d29733f4aebce0d2e0
SHA512

c78a53d67d68cc0ef4dd1ab1dcbd7135ec97c538ed7cd709f0c1fb8351a0c026b0085a66b1c85465cd1a327bf6e35c19b3097b0647150a1ecb743517317642a0
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/RvDQeduJHqqnn:ZzFbxmLPWQMOtEvwDpj386Sj/Rsn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_73fbbd4c7449caa42c20ba78c575aff1_cryptolocker
- Size
  
  60KB
- MD5
  
  73fbbd4c7449caa42c20ba78c575aff1
- SHA1
  
  481deb1c44088a19c692837cacca10979427d88d
- SHA256
  
  fa87641cf7e309dd9d0bdfd1108b6d98d5a0f3a78e7c60d29733f4aebce0d2e0
- SHA512
  
  c78a53d67d68cc0ef4dd1ab1dcbd7135ec97c538ed7cd709f0c1fb8351a0c026b0085a66b1c85465cd1a327bf6e35c19b3097b0647150a1ecb743517317642a0
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/RvDQeduJHqqnn:ZzFbxmLPWQMOtEvwDpj386Sj/Rsn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2