f7e27af424e1161174db72a3d4a49e82022d318980edd488f7267809e1e72ace | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-05_813fd7b30571328b997db533f1921570_cryptolocker
Size

29KB
Sample

241005-x9fbxavfnh
MD5

813fd7b30571328b997db533f1921570
SHA1

0073483d843aa1a648a679f2d1be52dd0e256efc
SHA256

f7e27af424e1161174db72a3d4a49e82022d318980edd488f7267809e1e72ace
SHA512

2f9f061ba3968e15510fd9f52aaf807e3a71445e9ee16300a6aa2cec23ea4935659c2842e8b2d96614c8ba0ff6af5aaa5c9feecf2c2fb4268cc5ac14c77811c7
SSDEEP

384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUk5hncEP4:bgX4zYcgTEu6QOaryfjkx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-05_813fd7b30571328b997db533f1921570_cryptolocker
- Size
  
  29KB
- MD5
  
  813fd7b30571328b997db533f1921570
- SHA1
  
  0073483d843aa1a648a679f2d1be52dd0e256efc
- SHA256
  
  f7e27af424e1161174db72a3d4a49e82022d318980edd488f7267809e1e72ace
- SHA512
  
  2f9f061ba3968e15510fd9f52aaf807e3a71445e9ee16300a6aa2cec23ea4935659c2842e8b2d96614c8ba0ff6af5aaa5c9feecf2c2fb4268cc5ac14c77811c7
- SSDEEP
  
  384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUk5hncEP4:bgX4zYcgTEu6QOaryfjkx
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2