37f8c77c5c10b367963787cbc06a5eeb091f0e8c679a9e8ef2a149b8865dd0d0 | Triage

Sharing

General

Target

202405218e4e26f511c95373b1181f2f1b6143f3cryptolocker.exe
Size

62KB
Sample

240522-xhxf4scg56
MD5

8e4e26f511c95373b1181f2f1b6143f3
SHA1

e38d533aca72d2f5f504379b695f3a2ab11bcaf6
SHA256

37f8c77c5c10b367963787cbc06a5eeb091f0e8c679a9e8ef2a149b8865dd0d0
SHA512

0b986558234a3ccd1f3226ef5a5cc52d1e93deab6c9adad158239970763002c2280402d9ddc1133f8d134b1e4ae52447d233f54f48be9f8c5adb9b580ab2694c
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMNuSK:TCjsIOtEvwDpj5HE/OUHnSMZx

Score

7^/10

Malware Config

Targets

- Target
  
  202405218e4e26f511c95373b1181f2f1b6143f3cryptolocker.exe
- Size
  
  62KB
- MD5
  
  8e4e26f511c95373b1181f2f1b6143f3
- SHA1
  
  e38d533aca72d2f5f504379b695f3a2ab11bcaf6
- SHA256
  
  37f8c77c5c10b367963787cbc06a5eeb091f0e8c679a9e8ef2a149b8865dd0d0
- SHA512
  
  0b986558234a3ccd1f3226ef5a5cc52d1e93deab6c9adad158239970763002c2280402d9ddc1133f8d134b1e4ae52447d233f54f48be9f8c5adb9b580ab2694c
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMNuSK:TCjsIOtEvwDpj5HE/OUHnSMZx
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2