a6e74bb2fd10e32582e36b1b2f469dfca8e736ed1e7a8b36daa8935d93dfa23c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-30_6101bc2cb65a70849c2c4c186fb95661_cryptolocker
Size

35KB
Sample

240930-hhhkmavhlc
MD5

6101bc2cb65a70849c2c4c186fb95661
SHA1

bfcf1df11e2f1346c4c8210af6e00df23e1764a2
SHA256

a6e74bb2fd10e32582e36b1b2f469dfca8e736ed1e7a8b36daa8935d93dfa23c
SHA512

8c4e9e55a766c7b9998fdb081e71ed481d5a610517c8e1aad40d2bd713a36d8b3c464de6d188d29b03044bc497c521327089c8c8b732d64c846fe53be669140b
SSDEEP

384:bmM0V/YPvnr801TRoUGPh4TKt6ATt1DqgPa3s/zzoCt9/B1RU3qE4kb6oTeB:b7o/2n1TCraU6GD1a4Xt9bRU6zA6oTu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-30_6101bc2cb65a70849c2c4c186fb95661_cryptolocker
- Size
  
  35KB
- MD5
  
  6101bc2cb65a70849c2c4c186fb95661
- SHA1
  
  bfcf1df11e2f1346c4c8210af6e00df23e1764a2
- SHA256
  
  a6e74bb2fd10e32582e36b1b2f469dfca8e736ed1e7a8b36daa8935d93dfa23c
- SHA512
  
  8c4e9e55a766c7b9998fdb081e71ed481d5a610517c8e1aad40d2bd713a36d8b3c464de6d188d29b03044bc497c521327089c8c8b732d64c846fe53be669140b
- SSDEEP
  
  384:bmM0V/YPvnr801TRoUGPh4TKt6ATt1DqgPa3s/zzoCt9/B1RU3qE4kb6oTeB:b7o/2n1TCraU6GD1a4Xt9bRU6zA6oTu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2