f1c36919c8f20bc80d3538fd30808d8fa80768577e4d41575728d31a7480bb69 | Triage

Sharing

General

Target

2022-11-23_97302eada3f130412e4a00c771f6dc44_cryptolocker
Size

44KB
Sample

221123-xalpmsed46
MD5

97302eada3f130412e4a00c771f6dc44
SHA1

6003d9f4dcbf3d82e3d3fe813d0e1952bce414f9
SHA256

f1c36919c8f20bc80d3538fd30808d8fa80768577e4d41575728d31a7480bb69
SHA512

602ce7bd4d93e2f0e0d382021be5860138ce1d5a9f4a7b7dc3b05e1257a2e724714a1b6eb185120170cb04d6627461d0e3218e5d7b14a37aa9ccb10c7b0c0529
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8lB4dCOBy/cMcls6z:ZzFbxmLPWQMOtEvwDpj38lD/cMUs0

Score

8^/10

Malware Config

Targets

- Target
  
  2022-11-23_97302eada3f130412e4a00c771f6dc44_cryptolocker
- Size
  
  44KB
- MD5
  
  97302eada3f130412e4a00c771f6dc44
- SHA1
  
  6003d9f4dcbf3d82e3d3fe813d0e1952bce414f9
- SHA256
  
  f1c36919c8f20bc80d3538fd30808d8fa80768577e4d41575728d31a7480bb69
- SHA512
  
  602ce7bd4d93e2f0e0d382021be5860138ce1d5a9f4a7b7dc3b05e1257a2e724714a1b6eb185120170cb04d6627461d0e3218e5d7b14a37aa9ccb10c7b0c0529
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8lB4dCOBy/cMcls6z:ZzFbxmLPWQMOtEvwDpj38lD/cMUs0
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2