58ebd101074d2dcf22136cd8875c44b34eff794e390dffac884062177d44d54d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-14_9bbd16b68d5cf46e1b105f467f804f4b_cryptolocker
Size

70KB
Sample

241014-ear8baxfqf
MD5

9bbd16b68d5cf46e1b105f467f804f4b
SHA1

2b8fb805e0cfc6847898ba3c61a64ec849243b43
SHA256

58ebd101074d2dcf22136cd8875c44b34eff794e390dffac884062177d44d54d
SHA512

5d46a9f3bdbbae6c3f9a3d8f4efdcfafdb502b520b6aba3cd747f0a8c0a26e29311a8a0a466e9f7d0b985b6e46bb0ec4afa1416edd6674b21fe9fec286121ec1
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Ry:vj+jsMQMOtEvwDpj5HZYTjipvF24pAN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-14_9bbd16b68d5cf46e1b105f467f804f4b_cryptolocker
- Size
  
  70KB
- MD5
  
  9bbd16b68d5cf46e1b105f467f804f4b
- SHA1
  
  2b8fb805e0cfc6847898ba3c61a64ec849243b43
- SHA256
  
  58ebd101074d2dcf22136cd8875c44b34eff794e390dffac884062177d44d54d
- SHA512
  
  5d46a9f3bdbbae6c3f9a3d8f4efdcfafdb502b520b6aba3cd747f0a8c0a26e29311a8a0a466e9f7d0b985b6e46bb0ec4afa1416edd6674b21fe9fec286121ec1
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4ZPsED3VK2+ZtyOjgO4r9vFAg2rq2g1B/Ry:vj+jsMQMOtEvwDpj5HZYTjipvF24pAN
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2