54b90eb9b7d743f012d0080d85ccf16706c17028c4c4093337e07fddfb54a67b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-16_6cfff5ba88242554060fce238e397e2b_cryptolocker
Size

23KB
Sample

241008-zb5j9axfkf
MD5

6cfff5ba88242554060fce238e397e2b
SHA1

d1075dce107acb1a9ceff864ea4621889935324c
SHA256

54b90eb9b7d743f012d0080d85ccf16706c17028c4c4093337e07fddfb54a67b
SHA512

63d8985baa807020558813232c605fb2590d8e6c093b3f456e7771c843fec0eb2e7af68d26150192d1e5dcbe4b21d0f8b55481f94732231199b399b01176bf52
SSDEEP

384:CBOkkLPcM4JIM39ZR8Z87XHjeKtEEue+63BYp2tOOtEvwDpjqIGRFr:CB19M4JIhZMHSKtweHBrtOOtEvwDpjKr

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-16_6cfff5ba88242554060fce238e397e2b_cryptolocker
- Size
  
  23KB
- MD5
  
  6cfff5ba88242554060fce238e397e2b
- SHA1
  
  d1075dce107acb1a9ceff864ea4621889935324c
- SHA256
  
  54b90eb9b7d743f012d0080d85ccf16706c17028c4c4093337e07fddfb54a67b
- SHA512
  
  63d8985baa807020558813232c605fb2590d8e6c093b3f456e7771c843fec0eb2e7af68d26150192d1e5dcbe4b21d0f8b55481f94732231199b399b01176bf52
- SSDEEP
  
  384:CBOkkLPcM4JIM39ZR8Z87XHjeKtEEue+63BYp2tOOtEvwDpjqIGRFr:CB19M4JIhZMHSKtweHBrtOOtEvwDpjKr
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2