083a78c225c89ba78c5846fbcca9044fd7eacf89d062dd04ef9af03e735dac82 | Triage

Sharing

General

Target

fe09b940e1d77d7b7b6f18a1cee1c758_cryptolocker_JC.exe
Size

36KB
Sample

230831-xnb3cshd5t
MD5

fe09b940e1d77d7b7b6f18a1cee1c758
SHA1

f43f47828ee64890ae1f9b89532f50259c7377f0
SHA256

083a78c225c89ba78c5846fbcca9044fd7eacf89d062dd04ef9af03e735dac82
SHA512

fb4944043aec1362a6c544693e6e0fd7bd0a743e2eef3e186df2272bedb831a14c892597864f2cd02fe2d5728df4c723c5c5d117f0eed9b358dd047ecd99b7aa
SSDEEP

384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOT:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6J

Score

7^/10

Malware Config

Targets

- Target
  
  fe09b940e1d77d7b7b6f18a1cee1c758_cryptolocker_JC.exe
- Size
  
  36KB
- MD5
  
  fe09b940e1d77d7b7b6f18a1cee1c758
- SHA1
  
  f43f47828ee64890ae1f9b89532f50259c7377f0
- SHA256
  
  083a78c225c89ba78c5846fbcca9044fd7eacf89d062dd04ef9af03e735dac82
- SHA512
  
  fb4944043aec1362a6c544693e6e0fd7bd0a743e2eef3e186df2272bedb831a14c892597864f2cd02fe2d5728df4c723c5c5d117f0eed9b358dd047ecd99b7aa
- SSDEEP
  
  384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOT:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6J
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2