19e6fea6a1228c6fd4e439e3eef5bda22986c5585c798013c871a7556817c981 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-08_2e1d665b424e661226880386adc38fd0_cryptolocker_JC.exe
Size

40KB
Sample

231031-t7xavsdc33
MD5

2e1d665b424e661226880386adc38fd0
SHA1

41ab82bd482c3f7a42ccb15cb651cca8ae11da12
SHA256

19e6fea6a1228c6fd4e439e3eef5bda22986c5585c798013c871a7556817c981
SHA512

1ef84b01512c52421963afa04f561ff65f1acd301829202c9abad81cec43af2c812ef4054dfa1a67fb03bd7284c750578dafeafb7107addcd0c790f7945375cf
SSDEEP

768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGpebVIYLHA3Kxw:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XJ

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-08_2e1d665b424e661226880386adc38fd0_cryptolocker_JC.exe
- Size
  
  40KB
- MD5
  
  2e1d665b424e661226880386adc38fd0
- SHA1
  
  41ab82bd482c3f7a42ccb15cb651cca8ae11da12
- SHA256
  
  19e6fea6a1228c6fd4e439e3eef5bda22986c5585c798013c871a7556817c981
- SHA512
  
  1ef84b01512c52421963afa04f561ff65f1acd301829202c9abad81cec43af2c812ef4054dfa1a67fb03bd7284c750578dafeafb7107addcd0c790f7945375cf
- SSDEEP
  
  768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGpebVIYLHA3Kxw:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2