b12a63ac85b782a4804c58f7f92761f6628e6f3bbb4a582b74bcfa0df782afc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-21_bca189f367c846c218012c328f1d37a5_cryptolocker
Size

42KB
Sample

240921-f5gwhaxana
MD5

bca189f367c846c218012c328f1d37a5
SHA1

265aee9ae9e76e3b58c334904853baadcedd20a6
SHA256

b12a63ac85b782a4804c58f7f92761f6628e6f3bbb4a582b74bcfa0df782afc8
SHA512

c9b1a16186f2d3cfb676d5b3a078a7a65a557dda2eeaf6e49e7b103a14fd96acc551b79253d25b6a675f6028618dfe418495ea4ba83931fb2f55e67f007f769a
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B94IOMHo3sxP1TP:btB9g/WItCSsAGjX7r3BPOMHoc/QQJPZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-21_bca189f367c846c218012c328f1d37a5_cryptolocker
- Size
  
  42KB
- MD5
  
  bca189f367c846c218012c328f1d37a5
- SHA1
  
  265aee9ae9e76e3b58c334904853baadcedd20a6
- SHA256
  
  b12a63ac85b782a4804c58f7f92761f6628e6f3bbb4a582b74bcfa0df782afc8
- SHA512
  
  c9b1a16186f2d3cfb676d5b3a078a7a65a557dda2eeaf6e49e7b103a14fd96acc551b79253d25b6a675f6028618dfe418495ea4ba83931fb2f55e67f007f769a
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4l8tFFxE2B94IOMHo3sxP1TP:btB9g/WItCSsAGjX7r3BPOMHoc/QQJPZ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2