91272b440c85f660069a878e4786e0754fcd28efd7eb79dc0c57a17568f50209 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-21_8b9fee1883c50ec8b8a2f57a84b050e0_cryptolocker
Size

50KB
Sample

240921-czay8a1cpa
MD5

8b9fee1883c50ec8b8a2f57a84b050e0
SHA1

dc3054ac079414f7d66b558b1c1538f63fb68339
SHA256

91272b440c85f660069a878e4786e0754fcd28efd7eb79dc0c57a17568f50209
SHA512

611721a45e494b591499d6f3a7364e42b030a688f17316ae796d6fa8a663bcd0bb48131bac4e741ca3d91962d17701d46cddf66b79671bf46a41fa687b3302b3
SSDEEP

768:26LsoVEeegiZPvEhHSP+gDdQtOOtEvwDpjtMLZdzuqpXsiE8Wq/DpkITN:26Q0ElP6G+gBQMOtEvwDpjgWMl7TN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-21_8b9fee1883c50ec8b8a2f57a84b050e0_cryptolocker
- Size
  
  50KB
- MD5
  
  8b9fee1883c50ec8b8a2f57a84b050e0
- SHA1
  
  dc3054ac079414f7d66b558b1c1538f63fb68339
- SHA256
  
  91272b440c85f660069a878e4786e0754fcd28efd7eb79dc0c57a17568f50209
- SHA512
  
  611721a45e494b591499d6f3a7364e42b030a688f17316ae796d6fa8a663bcd0bb48131bac4e741ca3d91962d17701d46cddf66b79671bf46a41fa687b3302b3
- SSDEEP
  
  768:26LsoVEeegiZPvEhHSP+gDdQtOOtEvwDpjtMLZdzuqpXsiE8Wq/DpkITN:26Q0ElP6G+gBQMOtEvwDpjgWMl7TN
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2