867f737e420053e28f371021f6df5635f409faa5a554942648fb0b4b30e82596 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-25_b5f3489b629c6f8295d52db2f75e1f40_cryptolocker
Size

50KB
Sample

240925-eam9cstaql
MD5

b5f3489b629c6f8295d52db2f75e1f40
SHA1

ad464a7b7a8da607fc7ffacaf752d806aff31370
SHA256

867f737e420053e28f371021f6df5635f409faa5a554942648fb0b4b30e82596
SHA512

126b347f549160a02c7d9ed9fc2674259214d2c38574940f84055d4c42a1e3f28934a0819a524002cc7c63d5b273b5e9cac8e38f6b960589606a757e3b30ef8f
SSDEEP

768:bIDOw9UiaCHfjnE0Sfa7ilR0p9u6p4ICNBC1SleKAP2o7kC0:bIDOw9a0DwitDZ0leBZ7w

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-25_b5f3489b629c6f8295d52db2f75e1f40_cryptolocker
- Size
  
  50KB
- MD5
  
  b5f3489b629c6f8295d52db2f75e1f40
- SHA1
  
  ad464a7b7a8da607fc7ffacaf752d806aff31370
- SHA256
  
  867f737e420053e28f371021f6df5635f409faa5a554942648fb0b4b30e82596
- SHA512
  
  126b347f549160a02c7d9ed9fc2674259214d2c38574940f84055d4c42a1e3f28934a0819a524002cc7c63d5b273b5e9cac8e38f6b960589606a757e3b30ef8f
- SSDEEP
  
  768:bIDOw9UiaCHfjnE0Sfa7ilR0p9u6p4ICNBC1SleKAP2o7kC0:bIDOw9a0DwitDZ0leBZ7w
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2