5c97497acc6bb9181a68186626ad5cd5b5d6e938d24f71eea6b608b852fcdc7e | Triage

Sharing

General

Target

20240521f25127a141e0295e9be57a728d453ed0cryptolocker.exe
Size

37KB
Sample

240522-wwcs7abe7z
MD5

f25127a141e0295e9be57a728d453ed0
SHA1

8a1ea4a652a54c3d17fee1be34fe25d1d5377fc4
SHA256

5c97497acc6bb9181a68186626ad5cd5b5d6e938d24f71eea6b608b852fcdc7e
SHA512

06589e30f57f1cfed7c0c7d916af20ac5f3acf018dbcd490785c08263e654be2f5e75dc2a2395f708ed2972943e5d24ae9e8bad227219a767a08b0b50bd7e753
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4k:fT+hsMQMOtEvwDpjoIHk

Score

7^/10

Malware Config

Targets

- Target
  
  20240521f25127a141e0295e9be57a728d453ed0cryptolocker.exe
- Size
  
  37KB
- MD5
  
  f25127a141e0295e9be57a728d453ed0
- SHA1
  
  8a1ea4a652a54c3d17fee1be34fe25d1d5377fc4
- SHA256
  
  5c97497acc6bb9181a68186626ad5cd5b5d6e938d24f71eea6b608b852fcdc7e
- SHA512
  
  06589e30f57f1cfed7c0c7d916af20ac5f3acf018dbcd490785c08263e654be2f5e75dc2a2395f708ed2972943e5d24ae9e8bad227219a767a08b0b50bd7e753
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4k:fT+hsMQMOtEvwDpjoIHk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2