1bc72f7485de821eb5590cc4053c2b19688a3a421b9f9bbb360afff1fe5f8817 | Triage

Sharing

General

Target

2023-08-26_5c65576e503af864a15c517b0f4df38f_cryptolocker_JC.exe
Size

47KB
Sample

231011-wb5y8scf3w
MD5

5c65576e503af864a15c517b0f4df38f
SHA1

d49433a7baf69560ae04ee616d6cd6df22ee9ede
SHA256

1bc72f7485de821eb5590cc4053c2b19688a3a421b9f9bbb360afff1fe5f8817
SHA512

6703492e51fe3432642434d1966bf782df6a566470ee4cea3ee4513ed3f9d2a8918a4a9b64f02289ec41a7974f7731ce223035f0bc3a72f2fe80df9fff0131c4
SSDEEP

768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05RKb6FKZ:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKbt

Score

7^/10

Malware Config

Targets

- Target
  
  2023-08-26_5c65576e503af864a15c517b0f4df38f_cryptolocker_JC.exe
- Size
  
  47KB
- MD5
  
  5c65576e503af864a15c517b0f4df38f
- SHA1
  
  d49433a7baf69560ae04ee616d6cd6df22ee9ede
- SHA256
  
  1bc72f7485de821eb5590cc4053c2b19688a3a421b9f9bbb360afff1fe5f8817
- SHA512
  
  6703492e51fe3432642434d1966bf782df6a566470ee4cea3ee4513ed3f9d2a8918a4a9b64f02289ec41a7974f7731ce223035f0bc3a72f2fe80df9fff0131c4
- SSDEEP
  
  768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05RKb6FKZ:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKbt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2