b6aa295cb1746e06a81e41c8f125717ff2cd0a9d58a3c7bfba11b9c60d3ed501 | Triage

Sharing

General

Target

20240521bc830ddba8738e939f8a7c11326eaf0acryptolocker.exe
Size

37KB
Sample

240522-xhbveacf3w
MD5

bc830ddba8738e939f8a7c11326eaf0a
SHA1

a87e9ba2a125e588c36d7805bf460c4a4caa26d7
SHA256

b6aa295cb1746e06a81e41c8f125717ff2cd0a9d58a3c7bfba11b9c60d3ed501
SHA512

e51b4c12c8dda98a18054f0e2793a5a821c8782a6c180fcda0aff98b69cbc7146ba377176a52bf90e643875666b732b135cbf157ba45758d7b207bd88d3da764
SSDEEP

768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIN:bAvJCF+RQgJeab4sb0

Score

7^/10

Malware Config

Targets

- Target
  
  20240521bc830ddba8738e939f8a7c11326eaf0acryptolocker.exe
- Size
  
  37KB
- MD5
  
  bc830ddba8738e939f8a7c11326eaf0a
- SHA1
  
  a87e9ba2a125e588c36d7805bf460c4a4caa26d7
- SHA256
  
  b6aa295cb1746e06a81e41c8f125717ff2cd0a9d58a3c7bfba11b9c60d3ed501
- SHA512
  
  e51b4c12c8dda98a18054f0e2793a5a821c8782a6c180fcda0aff98b69cbc7146ba377176a52bf90e643875666b732b135cbf157ba45758d7b207bd88d3da764
- SSDEEP
  
  768:bAvJCYOOvbRPDEgXrNekd7l94i3pQheDIN:bAvJCF+RQgJeab4sb0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2