6038e40e35d5cd0d31d041542b3d3b0e0d9c5bd11db100fb253dac94b6b5b237 | Triage

Sharing

General

Target

20240520b7a780e24631d30bbc72c1a8abf8ad2ecryptolocker_NeikiAnalytics
Size

48KB
Sample

240521-j5kh6seb59
MD5

b7a780e24631d30bbc72c1a8abf8ad2e
SHA1

e2fa974e7ea7391d95986059d3473351b1615137
SHA256

6038e40e35d5cd0d31d041542b3d3b0e0d9c5bd11db100fb253dac94b6b5b237
SHA512

00d15514bb011adea1af5ef4e52024fc4286b97730ac85775793cc83ee3c9a8e3c8412728937468077c5312bae68e146457598cb45bd7c901b07bfafa0a35c58
SSDEEP

768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoL5P:qmbhXDmjr5MOtEvwDpj5cDtKkQZQL

Score

7^/10

Malware Config

Targets

- Target
  
  20240520b7a780e24631d30bbc72c1a8abf8ad2ecryptolocker_NeikiAnalytics
- Size
  
  48KB
- MD5
  
  b7a780e24631d30bbc72c1a8abf8ad2e
- SHA1
  
  e2fa974e7ea7391d95986059d3473351b1615137
- SHA256
  
  6038e40e35d5cd0d31d041542b3d3b0e0d9c5bd11db100fb253dac94b6b5b237
- SHA512
  
  00d15514bb011adea1af5ef4e52024fc4286b97730ac85775793cc83ee3c9a8e3c8412728937468077c5312bae68e146457598cb45bd7c901b07bfafa0a35c58
- SSDEEP
  
  768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoL5P:qmbhXDmjr5MOtEvwDpj5cDtKkQZQL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2