7a081b02ff0660783d9923300bffbd731b76544818d5535c0d7c4c83bfda5b21 | Triage

Sharing

General

Target

2022-11-23_95cee2df9894d9f8dcb5977f187856f5_cryptolocker
Size

67KB
Sample

221123-xalpmshd3z
MD5

95cee2df9894d9f8dcb5977f187856f5
SHA1

c3a878e9dfa5ba3bacb72dcaf31f972c6db901c2
SHA256

7a081b02ff0660783d9923300bffbd731b76544818d5535c0d7c4c83bfda5b21
SHA512

c1bd9d769fc28278ead9a0ce7d5f032d1e5fa59b03507081adfe0289b53e72ab90e6b83673f08ef1fd3daa823a7d1a24dc883c54e86453ec6dff09d8a1a8b974
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUflteh:i5nkFGMOtEvwDpjNbwQEI8UE

Score

8^/10

Malware Config

Targets

- Target
  
  2022-11-23_95cee2df9894d9f8dcb5977f187856f5_cryptolocker
- Size
  
  67KB
- MD5
  
  95cee2df9894d9f8dcb5977f187856f5
- SHA1
  
  c3a878e9dfa5ba3bacb72dcaf31f972c6db901c2
- SHA256
  
  7a081b02ff0660783d9923300bffbd731b76544818d5535c0d7c4c83bfda5b21
- SHA512
  
  c1bd9d769fc28278ead9a0ce7d5f032d1e5fa59b03507081adfe0289b53e72ab90e6b83673f08ef1fd3daa823a7d1a24dc883c54e86453ec6dff09d8a1a8b974
- SSDEEP
  
  768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUflteh:i5nkFGMOtEvwDpjNbwQEI8UE
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2