afbad3f087935c9d23e4accb2cdaa076ea4b27790002ac6dc6d7d73130ac9cf9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-29_b70f078aaa7e019e9d03d471e5dcfcaf_cryptolocker.exe
Size

78KB
Sample

231106-x14cdafa72
MD5

b70f078aaa7e019e9d03d471e5dcfcaf
SHA1

b746f5602d9b09ecc163a6797b6819eeb798e079
SHA256

afbad3f087935c9d23e4accb2cdaa076ea4b27790002ac6dc6d7d73130ac9cf9
SHA512

0e9581613791c8f8519746fe233ea5ca5819a0d51f8549121001bffe15ff8e1049d54b279b0876f5158e02df139f331fd6516bbc97deabe143edbbe787ea2959
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMM7:TCjsIOtEvwDpj5HE/OUHnSMV

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-29_b70f078aaa7e019e9d03d471e5dcfcaf_cryptolocker.exe
- Size
  
  78KB
- MD5
  
  b70f078aaa7e019e9d03d471e5dcfcaf
- SHA1
  
  b746f5602d9b09ecc163a6797b6819eeb798e079
- SHA256
  
  afbad3f087935c9d23e4accb2cdaa076ea4b27790002ac6dc6d7d73130ac9cf9
- SHA512
  
  0e9581613791c8f8519746fe233ea5ca5819a0d51f8549121001bffe15ff8e1049d54b279b0876f5158e02df139f331fd6516bbc97deabe143edbbe787ea2959
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMM7:TCjsIOtEvwDpj5HE/OUHnSMV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2