4285f5f92136ea2d50e487345ac03c99393e7d537c0af9dc197205f2a7101cca | Triage

Sharing

General

Target

NEAS.2023-09-26_c553b9b43913d3c966bcaec60f0f1e35_cryptolocker.exe
Size

38KB
Sample

231106-xxhlhadd7v
MD5

c553b9b43913d3c966bcaec60f0f1e35
SHA1

5e08c739fc6af5307b129ddff071d20cacaa513c
SHA256

4285f5f92136ea2d50e487345ac03c99393e7d537c0af9dc197205f2a7101cca
SHA512

062fef47607ae55c82a3f2c235de5e470480699e9af6ed775a1e43de6941879b22e36dd1558e2a389ac2c61aeaf97b00eb026dfac61d8b73948710e6742e157e
SSDEEP

384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf6XT+0vJsg5b5U3wea:bgX4zYcgTEu6QOaryfjqDlC6JFbK3Ra

Score

7^/10

Malware Config

Targets

- Target
  
  NEAS.2023-09-26_c553b9b43913d3c966bcaec60f0f1e35_cryptolocker.exe
- Size
  
  38KB
- MD5
  
  c553b9b43913d3c966bcaec60f0f1e35
- SHA1
  
  5e08c739fc6af5307b129ddff071d20cacaa513c
- SHA256
  
  4285f5f92136ea2d50e487345ac03c99393e7d537c0af9dc197205f2a7101cca
- SHA512
  
  062fef47607ae55c82a3f2c235de5e470480699e9af6ed775a1e43de6941879b22e36dd1558e2a389ac2c61aeaf97b00eb026dfac61d8b73948710e6742e157e
- SSDEEP
  
  384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf6XT+0vJsg5b5U3wea:bgX4zYcgTEu6QOaryfjqDlC6JFbK3Ra
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2