2a45741a2e90cf5e8a8ba04540551174b9095679d57ac2a83fc1a657c0046e99 | Triage

Sharing

General

Target

NEAS.2023-09-07_8df480cb11f8dddbee32410e9975d041_cryptolocker_JC.exe
Size

91KB
Sample

231022-ke2kfaef7t
MD5

8df480cb11f8dddbee32410e9975d041
SHA1

8dab5e46e7a9a5a5ced8befb0f69565e3074837b
SHA256

2a45741a2e90cf5e8a8ba04540551174b9095679d57ac2a83fc1a657c0046e99
SHA512

c98c10ab1b2733d7d9b655523c11c39532b3360b1e9ef3fa752c2852e65fa48c3d8f04128c6cafb31772d395ef0c49a660d20e755e49cbd319f4af32018781bc
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJ4v:xj+VGMOtEvwDpjubwQEIiVmk6

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-07_8df480cb11f8dddbee32410e9975d041_cryptolocker_JC.exe
- Size
  
  91KB
- MD5
  
  8df480cb11f8dddbee32410e9975d041
- SHA1
  
  8dab5e46e7a9a5a5ced8befb0f69565e3074837b
- SHA256
  
  2a45741a2e90cf5e8a8ba04540551174b9095679d57ac2a83fc1a657c0046e99
- SHA512
  
  c98c10ab1b2733d7d9b655523c11c39532b3360b1e9ef3fa752c2852e65fa48c3d8f04128c6cafb31772d395ef0c49a660d20e755e49cbd319f4af32018781bc
- SSDEEP
  
  768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJ4v:xj+VGMOtEvwDpjubwQEIiVmk6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2