7e431eb2f74ff09e893d439381370eed7929f146a54020c1bb4df943645ac7c4 | Triage

Sharing

General

Target

2022-11-23_c0c9fc01162bf59ddf4795f80627b42d_cryptolocker
Size

68KB
Sample

221123-xam8gahd41
MD5

c0c9fc01162bf59ddf4795f80627b42d
SHA1

bbfdb85b26a23513a54068fb950357ec20340c0b
SHA256

7e431eb2f74ff09e893d439381370eed7929f146a54020c1bb4df943645ac7c4
SHA512

f32547dcaca0e8dc54ac4ef98ff267670c190a7a4a7dc25b98ed3fbb11c020b5e1ac24e63201575f94398956f40f1135b240f4c21e17ff7cd2d3c07be58290f4
SSDEEP

768:gUQz7yVEhs9+4T/1bytOOtEvwDpjNbZ9TDY9:gUj+AIMOtEvwDpjNbPDG

Score

8^/10

Malware Config

Targets

- Target
  
  2022-11-23_c0c9fc01162bf59ddf4795f80627b42d_cryptolocker
- Size
  
  68KB
- MD5
  
  c0c9fc01162bf59ddf4795f80627b42d
- SHA1
  
  bbfdb85b26a23513a54068fb950357ec20340c0b
- SHA256
  
  7e431eb2f74ff09e893d439381370eed7929f146a54020c1bb4df943645ac7c4
- SHA512
  
  f32547dcaca0e8dc54ac4ef98ff267670c190a7a4a7dc25b98ed3fbb11c020b5e1ac24e63201575f94398956f40f1135b240f4c21e17ff7cd2d3c07be58290f4
- SSDEEP
  
  768:gUQz7yVEhs9+4T/1bytOOtEvwDpjNbZ9TDY9:gUj+AIMOtEvwDpjNbPDG
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2