9f9ba87db16da2ad25f1d57d5584d5608cbb6a630fbebb4ab03fc9df2877a1d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-05_32b5957293f98168157e41878c75c728_cryptolocker
Size

48KB
Sample

241005-f7jswaxhrn
MD5

32b5957293f98168157e41878c75c728
SHA1

3709c779cf26aeebcaa14a7e767853d1d9ee2f00
SHA256

9f9ba87db16da2ad25f1d57d5584d5608cbb6a630fbebb4ab03fc9df2877a1d1
SHA512

fab9bd01769a608dce77358b0baa2b828d709cdb612337962d9e5b3ae9400ec65742bdc0eb2473d5f1150cd65e15e703c0d5a35843b9b27be694d157d7ad7e34
SSDEEP

768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKyNk:79mqyNhQMOtEvwDpjBxe8TpLk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-05_32b5957293f98168157e41878c75c728_cryptolocker
- Size
  
  48KB
- MD5
  
  32b5957293f98168157e41878c75c728
- SHA1
  
  3709c779cf26aeebcaa14a7e767853d1d9ee2f00
- SHA256
  
  9f9ba87db16da2ad25f1d57d5584d5608cbb6a630fbebb4ab03fc9df2877a1d1
- SHA512
  
  fab9bd01769a608dce77358b0baa2b828d709cdb612337962d9e5b3ae9400ec65742bdc0eb2473d5f1150cd65e15e703c0d5a35843b9b27be694d157d7ad7e34
- SSDEEP
  
  768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKyNk:79mqyNhQMOtEvwDpjBxe8TpLk
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2