b751d2849e92442718b1d3509f4c8e7d8e66e4d35c29d480d95b59c6c1493d52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-04_e4bed2172e04a1bd93e81c94fcbf72e7_cryptolocker
Size

31KB
Sample

241004-qzxpwaxblr
MD5

e4bed2172e04a1bd93e81c94fcbf72e7
SHA1

ba75cbb3848ca71766f57b15cd9d80c2e7738b15
SHA256

b751d2849e92442718b1d3509f4c8e7d8e66e4d35c29d480d95b59c6c1493d52
SHA512

e08ee3ad87f770a4ce7709a63fb427fb67a581d1b32d98144e5eb47210c18372bcde06404db04db02c8362539ed711899b7118707bc83226ea09b6a9706b8949
SSDEEP

384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRS/Vb9hp:vQz7yVEhs9+js1SQtOOtEvwDpjz9+9cH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-04_e4bed2172e04a1bd93e81c94fcbf72e7_cryptolocker
- Size
  
  31KB
- MD5
  
  e4bed2172e04a1bd93e81c94fcbf72e7
- SHA1
  
  ba75cbb3848ca71766f57b15cd9d80c2e7738b15
- SHA256
  
  b751d2849e92442718b1d3509f4c8e7d8e66e4d35c29d480d95b59c6c1493d52
- SHA512
  
  e08ee3ad87f770a4ce7709a63fb427fb67a581d1b32d98144e5eb47210c18372bcde06404db04db02c8362539ed711899b7118707bc83226ea09b6a9706b8949
- SSDEEP
  
  384:v0VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26Rsn1rCcOQtOOtEvwDpjqIGRS/Vb9hp:vQz7yVEhs9+js1SQtOOtEvwDpjz9+9cH
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2