0fde85d8e3e7339e06a6004864e9da84fea9ebd8d4f6c4b099c2071df543c82f | Triage

Sharing

General

Target

2022-11-23_cc83d5d58c376591178e7a1395d3ea19_cryptolocker
Size

76KB
Sample

221123-xanh8sed55
MD5

cc83d5d58c376591178e7a1395d3ea19
SHA1

405ab5cd48a5aa533ccb89ea5c92231390930db8
SHA256

0fde85d8e3e7339e06a6004864e9da84fea9ebd8d4f6c4b099c2071df543c82f
SHA512

70badff81dcb632decc82d04667797a99a3d9ad8e33442c68fbd03c97821670c5305f9c96b49aad9b18c2576bd69778bc982bd45a2d9409d24fa52343cc3d52a
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUfltelz:xj+VGMOtEvwDpjubwQEI8Uoz

Score

8^/10

Malware Config

Targets

- Target
  
  2022-11-23_cc83d5d58c376591178e7a1395d3ea19_cryptolocker
- Size
  
  76KB
- MD5
  
  cc83d5d58c376591178e7a1395d3ea19
- SHA1
  
  405ab5cd48a5aa533ccb89ea5c92231390930db8
- SHA256
  
  0fde85d8e3e7339e06a6004864e9da84fea9ebd8d4f6c4b099c2071df543c82f
- SHA512
  
  70badff81dcb632decc82d04667797a99a3d9ad8e33442c68fbd03c97821670c5305f9c96b49aad9b18c2576bd69778bc982bd45a2d9409d24fa52343cc3d52a
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUfltelz:xj+VGMOtEvwDpjubwQEI8Uoz
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2