bad0b191cdb9e410ef6797def3087687f7668e14299a009748b2117afe3593a2 | Triage

Sharing

General

Target

2022-11-23_f0ee406790b2a22353b9644df9c494d1_cryptolocker
Size

67KB
Sample

221123-xapfjahd5z
MD5

f0ee406790b2a22353b9644df9c494d1
SHA1

e9105bc6b10bf12b78df22b21c80d557fb4c8f41
SHA256

bad0b191cdb9e410ef6797def3087687f7668e14299a009748b2117afe3593a2
SHA512

6a496fee5eef203fbae8cb593e4edfc179c0c9bff96c10c892c197bcdf445ab7bc93cb2a562b8551bd8d2d07830e3ba09215794413d968c2249431268962567e
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNEVJg:V6a+pOtEvwDpjvpt

Score

8^/10

Malware Config

Targets

- Target
  
  2022-11-23_f0ee406790b2a22353b9644df9c494d1_cryptolocker
- Size
  
  67KB
- MD5
  
  f0ee406790b2a22353b9644df9c494d1
- SHA1
  
  e9105bc6b10bf12b78df22b21c80d557fb4c8f41
- SHA256
  
  bad0b191cdb9e410ef6797def3087687f7668e14299a009748b2117afe3593a2
- SHA512
  
  6a496fee5eef203fbae8cb593e4edfc179c0c9bff96c10c892c197bcdf445ab7bc93cb2a562b8551bd8d2d07830e3ba09215794413d968c2249431268962567e
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNEVJg:V6a+pOtEvwDpjvpt
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2