9c86bff0f6a0e02806c7c49a591aef9ff97fa1af4e13605f6589e1ec67e85c6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-09_2760eb39f646b041327238c881eb3219_cryptolocker_JC.exe
Size

35KB
Sample

231023-znnghahc69
MD5

2760eb39f646b041327238c881eb3219
SHA1

3c946b1b6c64b6d8b5029a551465145091c656ba
SHA256

9c86bff0f6a0e02806c7c49a591aef9ff97fa1af4e13605f6589e1ec67e85c6f
SHA512

40bd8bd297441e347831b5b2fdf243e9aac06d6c1a31a1ea7f9bb7e85a99999192e23ea20999d51cb601ce48c85cc53593cac335c3f6808fc6dbd946bced5780
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbC:bAvJCYOOvbRPDEgXrNekd7l94i3pC

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-09_2760eb39f646b041327238c881eb3219_cryptolocker_JC.exe
- Size
  
  35KB
- MD5
  
  2760eb39f646b041327238c881eb3219
- SHA1
  
  3c946b1b6c64b6d8b5029a551465145091c656ba
- SHA256
  
  9c86bff0f6a0e02806c7c49a591aef9ff97fa1af4e13605f6589e1ec67e85c6f
- SHA512
  
  40bd8bd297441e347831b5b2fdf243e9aac06d6c1a31a1ea7f9bb7e85a99999192e23ea20999d51cb601ce48c85cc53593cac335c3f6808fc6dbd946bced5780
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbC:bAvJCYOOvbRPDEgXrNekd7l94i3pC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2