6f093eb64a043ba2dbedb8c102e2c162d1e442e4f801b1799a81dfcffa2ce192 | Triage

Sharing

General

Target

2024-11-21_8f63d3c5974a521fddaa6c3ae0f3d254_cryptolocker
Size

31KB
Sample

241121-eg6dhszakm
MD5

8f63d3c5974a521fddaa6c3ae0f3d254
SHA1

45e2f497cf03f7bc4feecf72b84ccb138edffddf
SHA256

6f093eb64a043ba2dbedb8c102e2c162d1e442e4f801b1799a81dfcffa2ce192
SHA512

9e9272732bf0a245bfb8a82774d544214e2d6168b2d56be27b17068a5ec62da760ff9beb24a0f03358af733363881b07bf12611e0520e975baecc202195a3541
SSDEEP

384:buWbtjL8L1iE0eBhkzPbKAaomTqC9Mwf4fjDCgpmaPc4HyVOCGHqEd:bxNQIE0eBhkL2Fo1CCwgfjOg9JyUC7i

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_8f63d3c5974a521fddaa6c3ae0f3d254_cryptolocker
- Size
  
  31KB
- MD5
  
  8f63d3c5974a521fddaa6c3ae0f3d254
- SHA1
  
  45e2f497cf03f7bc4feecf72b84ccb138edffddf
- SHA256
  
  6f093eb64a043ba2dbedb8c102e2c162d1e442e4f801b1799a81dfcffa2ce192
- SHA512
  
  9e9272732bf0a245bfb8a82774d544214e2d6168b2d56be27b17068a5ec62da760ff9beb24a0f03358af733363881b07bf12611e0520e975baecc202195a3541
- SSDEEP
  
  384:buWbtjL8L1iE0eBhkzPbKAaomTqC9Mwf4fjDCgpmaPc4HyVOCGHqEd:bxNQIE0eBhkL2Fo1CCwgfjOg9JyUC7i
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2