b7899d99312fcb9d6908903a1335ea08d1470bbfd0a66ec62db78725feb33aa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-17_4ab9132b6171fc10e11cbab978ecdc40_cryptolocker
Size

29KB
Sample

241017-1ef7haxfmg
MD5

4ab9132b6171fc10e11cbab978ecdc40
SHA1

b2d6bbf2a6827580d859db37c80028c2e2094e19
SHA256

b7899d99312fcb9d6908903a1335ea08d1470bbfd0a66ec62db78725feb33aa3
SHA512

8b667f7a800733eeabe2e99b25287344ebc8be6db29d3d040850846c05fe6aba25d1f7ebe08284203e49c1d97107e8b5703fa864bb3dd6b124e16a39be066470
SSDEEP

384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUqMV6U8ziG:bA74zYcgT/Ekd0ryfj86U8ziG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-17_4ab9132b6171fc10e11cbab978ecdc40_cryptolocker
- Size
  
  29KB
- MD5
  
  4ab9132b6171fc10e11cbab978ecdc40
- SHA1
  
  b2d6bbf2a6827580d859db37c80028c2e2094e19
- SHA256
  
  b7899d99312fcb9d6908903a1335ea08d1470bbfd0a66ec62db78725feb33aa3
- SHA512
  
  8b667f7a800733eeabe2e99b25287344ebc8be6db29d3d040850846c05fe6aba25d1f7ebe08284203e49c1d97107e8b5703fa864bb3dd6b124e16a39be066470
- SSDEEP
  
  384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUqMV6U8ziG:bA74zYcgT/Ekd0ryfj86U8ziG
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2