c85d98e0f99316198c001b396c859b80d9d5e1abee22b9113c913d4f3833ed6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-27_094d7ca9bd5bb6d1657b0bc820b6b951_cryptolocker
Size

75KB
Sample

240927-g4whyasbmf
MD5

094d7ca9bd5bb6d1657b0bc820b6b951
SHA1

0ae4cf9d73c28dd9f5bd08a2c1a181d5c024644d
SHA256

c85d98e0f99316198c001b396c859b80d9d5e1abee22b9113c913d4f3833ed6e
SHA512

15e6c5594b029454e4949baabff77925657516ddda774753841ecb1c9b55bf3b3b58ffc21a859b7741a1e3768b567460f6edb9b429222c4e6c4efe2884899d14
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUf9:xj+VGMOtEvwDpjubwQEI8Ul

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-27_094d7ca9bd5bb6d1657b0bc820b6b951_cryptolocker
- Size
  
  75KB
- MD5
  
  094d7ca9bd5bb6d1657b0bc820b6b951
- SHA1
  
  0ae4cf9d73c28dd9f5bd08a2c1a181d5c024644d
- SHA256
  
  c85d98e0f99316198c001b396c859b80d9d5e1abee22b9113c913d4f3833ed6e
- SHA512
  
  15e6c5594b029454e4949baabff77925657516ddda774753841ecb1c9b55bf3b3b58ffc21a859b7741a1e3768b567460f6edb9b429222c4e6c4efe2884899d14
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUf9:xj+VGMOtEvwDpjubwQEI8Ul
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2