91e7214afaf87009ab4b2b136c3fd6017cec580ed44fae084c39496bc51e83fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-25_e37cfcbd8604ee63247e12b05c0df5fe_cryptolocker_JC.exe
Size

75KB
Sample

231013-zh62nabb79
MD5

e37cfcbd8604ee63247e12b05c0df5fe
SHA1

6add963a2b58ffc0ec392cc2025e7a07f0bc81c2
SHA256

91e7214afaf87009ab4b2b136c3fd6017cec580ed44fae084c39496bc51e83fb
SHA512

e7f98d8100f9dfa2ce69f643537bb0f8f36c7209a5bb0cf9a62b73023c130ce72e870fcf5e1931f7b8d8cf06bb044d63888dc4579cbc01ef06682316ef55f3f2
SSDEEP

1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfWa1:vCjsIOtEvwDpj5H9YvQd2Z

Score

7^/10

Malware Config

Targets

- Target
  
  2023-08-25_e37cfcbd8604ee63247e12b05c0df5fe_cryptolocker_JC.exe
- Size
  
  75KB
- MD5
  
  e37cfcbd8604ee63247e12b05c0df5fe
- SHA1
  
  6add963a2b58ffc0ec392cc2025e7a07f0bc81c2
- SHA256
  
  91e7214afaf87009ab4b2b136c3fd6017cec580ed44fae084c39496bc51e83fb
- SHA512
  
  e7f98d8100f9dfa2ce69f643537bb0f8f36c7209a5bb0cf9a62b73023c130ce72e870fcf5e1931f7b8d8cf06bb044d63888dc4579cbc01ef06682316ef55f3f2
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfWa1:vCjsIOtEvwDpj5H9YvQd2Z
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2