0bd71cb252b279e0d36a4a4ea86a2e8ca817df8024a4b2d908721a8d9ea2f093 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-04_ae8e1b06a9ab1690c0a51894224193ed_cryptolocker
Size

47KB
Sample

241004-d9wt4swhjh
MD5

ae8e1b06a9ab1690c0a51894224193ed
SHA1

7fafb9b70a528aa9234cb3f89f2b5dc213b9d836
SHA256

0bd71cb252b279e0d36a4a4ea86a2e8ca817df8024a4b2d908721a8d9ea2f093
SHA512

42bf6d075a0d27a8fe153926f42c0c19a4ed0c6b023a9b2e6e2f38b3e9c9a6de07ae479f37724eedc13324b832443b74f80881d57c2552411f1198523db1f369
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9Hkeda:X6QFElP6n+gJQMOtEvwDpjBmzDkWDt4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-04_ae8e1b06a9ab1690c0a51894224193ed_cryptolocker
- Size
  
  47KB
- MD5
  
  ae8e1b06a9ab1690c0a51894224193ed
- SHA1
  
  7fafb9b70a528aa9234cb3f89f2b5dc213b9d836
- SHA256
  
  0bd71cb252b279e0d36a4a4ea86a2e8ca817df8024a4b2d908721a8d9ea2f093
- SHA512
  
  42bf6d075a0d27a8fe153926f42c0c19a4ed0c6b023a9b2e6e2f38b3e9c9a6de07ae479f37724eedc13324b832443b74f80881d57c2552411f1198523db1f369
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaD3TP7DFHuRcD9Hkeda:X6QFElP6n+gJQMOtEvwDpjBmzDkWDt4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2