394d35541b2dbac9e80e3aec2ff1e7b7dff6e47066a44c14429e6db965f8462d | Triage

Sharing

General

Target

2024-09-25_6b5491f458e3835e7467a778949f2507_cryptolocker
Size

55KB
Sample

240925-h9ja8ssfmj
MD5

6b5491f458e3835e7467a778949f2507
SHA1

b292cfeb7920e203023f90993c82c109bb296949
SHA256

394d35541b2dbac9e80e3aec2ff1e7b7dff6e47066a44c14429e6db965f8462d
SHA512

8ef3245411780c35c16ccbb821bf55cd2fce8c178581f2911fec77fa00a6a0af80cfa645c34ac1d0033fd3840dbc79b1e595a53c09992d489809b60d5726c482
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vxmlcaTIJ:X6QFElP6n+gJBMOtEvwDpjBtExmlu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-25_6b5491f458e3835e7467a778949f2507_cryptolocker
- Size
  
  55KB
- MD5
  
  6b5491f458e3835e7467a778949f2507
- SHA1
  
  b292cfeb7920e203023f90993c82c109bb296949
- SHA256
  
  394d35541b2dbac9e80e3aec2ff1e7b7dff6e47066a44c14429e6db965f8462d
- SHA512
  
  8ef3245411780c35c16ccbb821bf55cd2fce8c178581f2911fec77fa00a6a0af80cfa645c34ac1d0033fd3840dbc79b1e595a53c09992d489809b60d5726c482
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vxmlcaTIJ:X6QFElP6n+gJBMOtEvwDpjBtExmlu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2