94c0510b4f0afd5cd53befa7bb314b783afe236b6e6f503ab1425ba413ffdc02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-09_06c8399a9cae5609170229cb7e121681_cryptolocker
Size

80KB
Sample

241009-dzwrcsvame
MD5

06c8399a9cae5609170229cb7e121681
SHA1

54b9c7aacbefc1cd0108cd11bf77dc1ab319c5c3
SHA256

94c0510b4f0afd5cd53befa7bb314b783afe236b6e6f503ab1425ba413ffdc02
SHA512

ad8571355a49730094e8de52ecec2885064e10fb86bc8c8b81991b3852fea891de1b43790f36c4d8e0c63e463af4c28b17febb70e2d80f1f241b6ff5e3818c4c
SSDEEP

768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPtNw5CS95yFPFHy:V6QFElP6n+gMQMOtEvwDpjyaLccVNl2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-09_06c8399a9cae5609170229cb7e121681_cryptolocker
- Size
  
  80KB
- MD5
  
  06c8399a9cae5609170229cb7e121681
- SHA1
  
  54b9c7aacbefc1cd0108cd11bf77dc1ab319c5c3
- SHA256
  
  94c0510b4f0afd5cd53befa7bb314b783afe236b6e6f503ab1425ba413ffdc02
- SHA512
  
  ad8571355a49730094e8de52ecec2885064e10fb86bc8c8b81991b3852fea891de1b43790f36c4d8e0c63e463af4c28b17febb70e2d80f1f241b6ff5e3818c4c
- SSDEEP
  
  768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPtNw5CS95yFPFHy:V6QFElP6n+gMQMOtEvwDpjyaLccVNl2
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2