General

  • Target

    2022-11-23_c0c9fc01162bf59ddf4795f80627b42d_cryptolocker

  • Size

    68KB

  • Sample

    221123-xam8gahd41

  • MD5

    c0c9fc01162bf59ddf4795f80627b42d

  • SHA1

    bbfdb85b26a23513a54068fb950357ec20340c0b

  • SHA256

    7e431eb2f74ff09e893d439381370eed7929f146a54020c1bb4df943645ac7c4

  • SHA512

    f32547dcaca0e8dc54ac4ef98ff267670c190a7a4a7dc25b98ed3fbb11c020b5e1ac24e63201575f94398956f40f1135b240f4c21e17ff7cd2d3c07be58290f4

  • SSDEEP

    768:gUQz7yVEhs9+4T/1bytOOtEvwDpjNbZ9TDY9:gUj+AIMOtEvwDpjNbPDG

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

  • Install Root Certificate (T1130): 1

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks