c6de789a5fab70666f5954548f0ac57a8de17c66a2b939a18ff53c3a031e9e08 | Triage

Sharing

General

Target

NEAS.2023-09-05_53b7da36d91532fd569da8792ccdff0c_cryptolocker_JC.exe
Size

125KB
Sample

231022-ksvztaeh7x
MD5

53b7da36d91532fd569da8792ccdff0c
SHA1

e06bf50bfa2c6ed662a6d81427a637d04abd5f1b
SHA256

c6de789a5fab70666f5954548f0ac57a8de17c66a2b939a18ff53c3a031e9e08
SHA512

f59e251063c2f3c028d24bf3dc78574e82052a211e414fa6d28ca3c32d80ed30205ed6ecde10b8f3f2b9e2c17c926c556b7653e1bb0e674b7f5245949c7c83dd
SSDEEP

1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVZppZ:vCjsIOtEvwDpj5H9YvQd29

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-05_53b7da36d91532fd569da8792ccdff0c_cryptolocker_JC.exe
- Size
  
  125KB
- MD5
  
  53b7da36d91532fd569da8792ccdff0c
- SHA1
  
  e06bf50bfa2c6ed662a6d81427a637d04abd5f1b
- SHA256
  
  c6de789a5fab70666f5954548f0ac57a8de17c66a2b939a18ff53c3a031e9e08
- SHA512
  
  f59e251063c2f3c028d24bf3dc78574e82052a211e414fa6d28ca3c32d80ed30205ed6ecde10b8f3f2b9e2c17c926c556b7653e1bb0e674b7f5245949c7c83dd
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVZppZ:vCjsIOtEvwDpj5H9YvQd29
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2