c874e93506a8ce09a8302993177752d45796bd4669336b8af100b4e523c6c001 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_643e1867a6785140c2dba5a95ef9f40f_cryptolocker_JC.exe
Size

35KB
Sample

231011-v7vmpsea77
MD5

643e1867a6785140c2dba5a95ef9f40f
SHA1

26fcde34bdb01e92044d5f68dfb302c8cfb35abd
SHA256

c874e93506a8ce09a8302993177752d45796bd4669336b8af100b4e523c6c001
SHA512

7b5742e9d57b4cc82ad12253c439633164c0f0fc8df4eab3508f2a165693447d377fb0a3d70b094034b1c6e335bc3f49a7ba01cd8b4d6f8217800fd987082652
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rq:i5nkFGMOtEvwDpjR+q

Score

7^/10

Malware Config

Targets

- Target
  
  2023-08-26_643e1867a6785140c2dba5a95ef9f40f_cryptolocker_JC.exe
- Size
  
  35KB
- MD5
  
  643e1867a6785140c2dba5a95ef9f40f
- SHA1
  
  26fcde34bdb01e92044d5f68dfb302c8cfb35abd
- SHA256
  
  c874e93506a8ce09a8302993177752d45796bd4669336b8af100b4e523c6c001
- SHA512
  
  7b5742e9d57b4cc82ad12253c439633164c0f0fc8df4eab3508f2a165693447d377fb0a3d70b094034b1c6e335bc3f49a7ba01cd8b4d6f8217800fd987082652
- SSDEEP
  
  768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rq:i5nkFGMOtEvwDpjR+q
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2