0f1279682baac11edbc263c6ce3a600ba8901aca595662dd3f5894a95496a5bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-30_8df6431198826628d9cbbb9f9752c9da_cryptolocker
Size

74KB
Sample

240930-awyvrsseka
MD5

8df6431198826628d9cbbb9f9752c9da
SHA1

a09f5ce511aa1468934138cbda901b29e45dd794
SHA256

0f1279682baac11edbc263c6ce3a600ba8901aca595662dd3f5894a95496a5bc
SHA512

6f719f4493836351b372e49ab9f432b01d04c3542ccee8c6d1f6a43cd0a8abd882c1d546be6b657555aba2d37bf71f5f83d2cc174e6ef2641504a2adc7ccdc43
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWR:ZVxkGOtEvwDpjcax0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-30_8df6431198826628d9cbbb9f9752c9da_cryptolocker
- Size
  
  74KB
- MD5
  
  8df6431198826628d9cbbb9f9752c9da
- SHA1
  
  a09f5ce511aa1468934138cbda901b29e45dd794
- SHA256
  
  0f1279682baac11edbc263c6ce3a600ba8901aca595662dd3f5894a95496a5bc
- SHA512
  
  6f719f4493836351b372e49ab9f432b01d04c3542ccee8c6d1f6a43cd0a8abd882c1d546be6b657555aba2d37bf71f5f83d2cc174e6ef2641504a2adc7ccdc43
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KEWR:ZVxkGOtEvwDpjcax0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2