6d7e959f911593e69e0f2077b80fb62c81515d61680497a6e7b6409597d0510e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-05_3069808b3676f74e7cd1eb5e6b4bbc3e_cryptolocker_JC.exe
Size

74KB
Sample

231023-za62pafa5t
MD5

3069808b3676f74e7cd1eb5e6b4bbc3e
SHA1

b9f0b107ff2a6e07b33f41811cc2bf55338026a4
SHA256

6d7e959f911593e69e0f2077b80fb62c81515d61680497a6e7b6409597d0510e
SHA512

da9ea052d40a492edfff9af3350652b20c495308c8a93cb0567d7305a7b7fcdffc16b7f84ae7ee1293d7c985b2c5b2b7ed9d8b1aee2a45384da9aab4d7f8eb34
SSDEEP

1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuf8:vCjsIOtEvwDpj5H9YvQd2Y

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-05_3069808b3676f74e7cd1eb5e6b4bbc3e_cryptolocker_JC.exe
- Size
  
  74KB
- MD5
  
  3069808b3676f74e7cd1eb5e6b4bbc3e
- SHA1
  
  b9f0b107ff2a6e07b33f41811cc2bf55338026a4
- SHA256
  
  6d7e959f911593e69e0f2077b80fb62c81515d61680497a6e7b6409597d0510e
- SHA512
  
  da9ea052d40a492edfff9af3350652b20c495308c8a93cb0567d7305a7b7fcdffc16b7f84ae7ee1293d7c985b2c5b2b7ed9d8b1aee2a45384da9aab4d7f8eb34
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuf8:vCjsIOtEvwDpj5H9YvQd2Y
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2