c6e851cdecd512828d51954e95aa59a03f2aa951cfe48a3eea4553d3e39a20e1 | Triage

Sharing

General

Target

2024-11-21_8bebcd074304905b33812723b46f7d76_cryptolocker
Size

35KB
Sample

241121-hm96fazgll
MD5

8bebcd074304905b33812723b46f7d76
SHA1

f2d0a3efc3a56c2bf58f2cd0e8f3a83d68352fe6
SHA256

c6e851cdecd512828d51954e95aa59a03f2aa951cfe48a3eea4553d3e39a20e1
SHA512

2727fdae87f0dce19562ae5df4d6c470c60e46ac6bb490fd3f3ec2ae4fdfa88142d668b04b1dcc0d9ed124e759b5fb3810d4bb844720e90fad0da54b7608db77
SSDEEP

384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvJF3Sz:bG74zYcgT/Ekd0ryfjkbCz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-21_8bebcd074304905b33812723b46f7d76_cryptolocker
- Size
  
  35KB
- MD5
  
  8bebcd074304905b33812723b46f7d76
- SHA1
  
  f2d0a3efc3a56c2bf58f2cd0e8f3a83d68352fe6
- SHA256
  
  c6e851cdecd512828d51954e95aa59a03f2aa951cfe48a3eea4553d3e39a20e1
- SHA512
  
  2727fdae87f0dce19562ae5df4d6c470c60e46ac6bb490fd3f3ec2ae4fdfa88142d668b04b1dcc0d9ed124e759b5fb3810d4bb844720e90fad0da54b7608db77
- SSDEEP
  
  384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvJF3Sz:bG74zYcgT/Ekd0ryfjkbCz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2