3bf70af39576e08ebf241a01b4797490a9dee91c143bd963fd57a28b3abf9e27 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20240520b78dbd1f6de37a5208cfa6b758e12370cryptolocker_NeikiAnalytics
Size

93KB
Sample

240521-j5ja4sec2s
MD5

b78dbd1f6de37a5208cfa6b758e12370
SHA1

84a08f812e9fbf2c3d2f55252fb22478d2a61512
SHA256

3bf70af39576e08ebf241a01b4797490a9dee91c143bd963fd57a28b3abf9e27
SHA512

80bbde14fd2ebe327c8c5ed2fac6ccbae40c17a9f5271170c04a9fecb2db5e75d699ad75345cdf8f6e422c45ead16fcd90448757574ca23ff35f42fbd6ba1e67
SSDEEP

1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNi1OkQNpZYrs8:vCjsIOtEvwDpj5H8zPsz8

Score

7^/10

Malware Config

Targets

- Target
  
  20240520b78dbd1f6de37a5208cfa6b758e12370cryptolocker_NeikiAnalytics
- Size
  
  93KB
- MD5
  
  b78dbd1f6de37a5208cfa6b758e12370
- SHA1
  
  84a08f812e9fbf2c3d2f55252fb22478d2a61512
- SHA256
  
  3bf70af39576e08ebf241a01b4797490a9dee91c143bd963fd57a28b3abf9e27
- SHA512
  
  80bbde14fd2ebe327c8c5ed2fac6ccbae40c17a9f5271170c04a9fecb2db5e75d699ad75345cdf8f6e422c45ead16fcd90448757574ca23ff35f42fbd6ba1e67
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNi1OkQNpZYrs8:vCjsIOtEvwDpj5H8zPsz8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2