5a9cfb382c26c8e28f51fbace8df49871d8d4347c1c41e0c0c59272bdd31406b | Triage

Sharing

General

Target

2022-11-23_b8aa6566c33f213f96f97a398466bd93_cryptolocker
Size

68KB
Sample

221123-xamlyaed52
MD5

b8aa6566c33f213f96f97a398466bd93
SHA1

db619b45f3f2fd3f1daf2fc92e3da46b4f7556ea
SHA256

5a9cfb382c26c8e28f51fbace8df49871d8d4347c1c41e0c0c59272bdd31406b
SHA512

380c770c3f99a557e3d3427fd03b064be3b54ed230bea50c573f9823d54325fb25eea422912346c1622148f467c16ace390939f8d1ab1ceb8bdabca39189062a
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKi:i5nkFGMOtEvwDpjNbwQEI8Usi

Score

8^/10

Malware Config

Targets

- Target
  
  2022-11-23_b8aa6566c33f213f96f97a398466bd93_cryptolocker
- Size
  
  68KB
- MD5
  
  b8aa6566c33f213f96f97a398466bd93
- SHA1
  
  db619b45f3f2fd3f1daf2fc92e3da46b4f7556ea
- SHA256
  
  5a9cfb382c26c8e28f51fbace8df49871d8d4347c1c41e0c0c59272bdd31406b
- SHA512
  
  380c770c3f99a557e3d3427fd03b064be3b54ed230bea50c573f9823d54325fb25eea422912346c1622148f467c16ace390939f8d1ab1ceb8bdabca39189062a
- SSDEEP
  
  768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKi:i5nkFGMOtEvwDpjNbwQEI8Usi
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2