c3ccebb132c86fbb3d0e4f463aaca8c08e51f2d4505ee78ef40de6e94c511648 | Triage

Sharing

General

Target

20240520fd0462d8a7fa905c57f314fcd97adc88cryptolocker_NeikiAnalytics
Size

48KB
Sample

240521-j6lsmaec5y
MD5

fd0462d8a7fa905c57f314fcd97adc88
SHA1

b0d2305fef29f410d114f19ae19fa1df5ddd9c1e
SHA256

c3ccebb132c86fbb3d0e4f463aaca8c08e51f2d4505ee78ef40de6e94c511648
SHA512

b76388ce6be089d6fc4ebb00ba6d97b37e8b853fc1065877f434cb2e74fc392b985cda1d320034475845c7bd0454eb43a9f4ae70646328dd7a3569e1b46fa37a
SSDEEP

768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/Dpkcm:P6Q0ElP6G+gJQMOtEvwDpjB8WMlfm

Score

7^/10

Malware Config

Targets

- Target
  
  20240520fd0462d8a7fa905c57f314fcd97adc88cryptolocker_NeikiAnalytics
- Size
  
  48KB
- MD5
  
  fd0462d8a7fa905c57f314fcd97adc88
- SHA1
  
  b0d2305fef29f410d114f19ae19fa1df5ddd9c1e
- SHA256
  
  c3ccebb132c86fbb3d0e4f463aaca8c08e51f2d4505ee78ef40de6e94c511648
- SHA512
  
  b76388ce6be089d6fc4ebb00ba6d97b37e8b853fc1065877f434cb2e74fc392b985cda1d320034475845c7bd0454eb43a9f4ae70646328dd7a3569e1b46fa37a
- SSDEEP
  
  768:P6LsoVEeegiZPvEhHSP+gp/QtOOtEvwDpjBBMLZdzuqpXsiE8Wq/Dpkcm:P6Q0ElP6G+gJQMOtEvwDpjB8WMlfm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2