a832f04de591b715a4321b61eaba9dc93e274f72bf5a79eeecd0d5c2d5756876 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-21_829e348e1815998392f54e0533499458_cryptolocker
Size

38KB
Sample

240921-g8m3csygpq
MD5

829e348e1815998392f54e0533499458
SHA1

1e805be3a393d2e65e45335e9d53d6ab02dd8710
SHA256

a832f04de591b715a4321b61eaba9dc93e274f72bf5a79eeecd0d5c2d5756876
SHA512

6d8438c8a35de4d53511c060aaaaf32b99093e0e63ceb00e92efea3b33ca9a47528a8c2190e8a2451e86576999ec4e124c58414faf27fca650001c141585ab71
SSDEEP

768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6j4AYsqSh+DETke+:YGzl5wjRQBBOsP1QMOtEvwDpjl39+D+s

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-21_829e348e1815998392f54e0533499458_cryptolocker
- Size
  
  38KB
- MD5
  
  829e348e1815998392f54e0533499458
- SHA1
  
  1e805be3a393d2e65e45335e9d53d6ab02dd8710
- SHA256
  
  a832f04de591b715a4321b61eaba9dc93e274f72bf5a79eeecd0d5c2d5756876
- SHA512
  
  6d8438c8a35de4d53511c060aaaaf32b99093e0e63ceb00e92efea3b33ca9a47528a8c2190e8a2451e86576999ec4e124c58414faf27fca650001c141585ab71
- SSDEEP
  
  768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6j4AYsqSh+DETke+:YGzl5wjRQBBOsP1QMOtEvwDpjl39+D+s
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2