58dd0ac822de193486e14c0a5549fcd1aee41f302919f04d30515d59c9cc136c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79144ee1cd7d9ec96aeb9d8bb48d9233_cryptolocker_JC.exe
Size

27KB
Sample

230823-t9rhdsea58
MD5

79144ee1cd7d9ec96aeb9d8bb48d9233
SHA1

ccda28e86727e82ef0df6056ab6737fb46ff451a
SHA256

58dd0ac822de193486e14c0a5549fcd1aee41f302919f04d30515d59c9cc136c
SHA512

eb3f877daafc99263dd3d67d7f4dc2a595fa190c63b3f2e94e6b91915b93ebf208766c3e6b2160a1761cc99f1ae9350b51656a2d822cdf3da8c84c995a6cf225
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzw:b/yC4GyNM01GuQMNXw2PSk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  79144ee1cd7d9ec96aeb9d8bb48d9233_cryptolocker_JC.exe
- Size
  
  27KB
- MD5
  
  79144ee1cd7d9ec96aeb9d8bb48d9233
- SHA1
  
  ccda28e86727e82ef0df6056ab6737fb46ff451a
- SHA256
  
  58dd0ac822de193486e14c0a5549fcd1aee41f302919f04d30515d59c9cc136c
- SHA512
  
  eb3f877daafc99263dd3d67d7f4dc2a595fa190c63b3f2e94e6b91915b93ebf208766c3e6b2160a1761cc99f1ae9350b51656a2d822cdf3da8c84c995a6cf225
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzw:b/yC4GyNM01GuQMNXw2PSk
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2