0764169cf153bc9b480eb56fa40133ef798e117e3ac8439c1d11a563b31cb2f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-21_8210d88a463e3fb8669707401c0984d0_cryptolocker
Size

36KB
Sample

240921-cyzaes1djr
MD5

8210d88a463e3fb8669707401c0984d0
SHA1

494fe303a795a69e0873bc59b0620ee0b177f66d
SHA256

0764169cf153bc9b480eb56fa40133ef798e117e3ac8439c1d11a563b31cb2f8
SHA512

370550f30d267218dbcbc3f5ac33aa4b2c5a7222825bce5da952ee82ab46f7ead43fef79639032da2b1b9c50969dcbc0367f4e8d18476868183287c7cbdc0f8c
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKM7:vj+jsMQMOtEvwDpj5Ht17

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-21_8210d88a463e3fb8669707401c0984d0_cryptolocker
- Size
  
  36KB
- MD5
  
  8210d88a463e3fb8669707401c0984d0
- SHA1
  
  494fe303a795a69e0873bc59b0620ee0b177f66d
- SHA256
  
  0764169cf153bc9b480eb56fa40133ef798e117e3ac8439c1d11a563b31cb2f8
- SHA512
  
  370550f30d267218dbcbc3f5ac33aa4b2c5a7222825bce5da952ee82ab46f7ead43fef79639032da2b1b9c50969dcbc0367f4e8d18476868183287c7cbdc0f8c
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4tKM7:vj+jsMQMOtEvwDpj5Ht17
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2