711aad93e7f4bbb3038c1c2abb4c4b33bd42b93c2791013897d8a3f1168e1750 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-09_4f38000f262a40af55c277f63d9e78f4_cryptolocker
Size

96KB
Sample

241009-qdlqgszbrf
MD5

4f38000f262a40af55c277f63d9e78f4
SHA1

425b14bb42688db88951c83e647ed11ba2eff16e
SHA256

711aad93e7f4bbb3038c1c2abb4c4b33bd42b93c2791013897d8a3f1168e1750
SHA512

9a99e7698afefb2bff83ce29ead1e83624b636c78f4e7d21a77f5120df93d63d3c9ba4066c6ab30fa25e25fcd76907b830fb1154f1bf7d06adb5f1d05ad20a07
SSDEEP

1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNgpwS:26a+2OtEvwDpjtzm

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-09_4f38000f262a40af55c277f63d9e78f4_cryptolocker
- Size
  
  96KB
- MD5
  
  4f38000f262a40af55c277f63d9e78f4
- SHA1
  
  425b14bb42688db88951c83e647ed11ba2eff16e
- SHA256
  
  711aad93e7f4bbb3038c1c2abb4c4b33bd42b93c2791013897d8a3f1168e1750
- SHA512
  
  9a99e7698afefb2bff83ce29ead1e83624b636c78f4e7d21a77f5120df93d63d3c9ba4066c6ab30fa25e25fcd76907b830fb1154f1bf7d06adb5f1d05ad20a07
- SSDEEP
  
  1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNgpwS:26a+2OtEvwDpjtzm
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2