3b4192405e91baefc50fa568c036098cd397ee8b495defde9be8e1b21b44fc1d | Triage

Sharing

General

Target

20240521be8bcee80fb5673afa76793df204465ecryptolocker.exe
Size

35KB
Sample

240522-xsbbmadb66
MD5

be8bcee80fb5673afa76793df204465e
SHA1

dd1c4eb8d4e5bc701291105955b8310d9447cee0
SHA256

3b4192405e91baefc50fa568c036098cd397ee8b495defde9be8e1b21b44fc1d
SHA512

50df228b4ed585f3eb0c6ccffe9bb08a84b3ef80ad682224ebf9b2b706e0d2c716bc6b7797f15a7c0c0ad9aaf88791b3e9015fbe7145db8e2cb25640845f0652
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAgmEzXKxA+T9rj:bAvJCYOOvbRPDEgXRc+BAILiJj

Score

7^/10

Malware Config

Targets

- Target
  
  20240521be8bcee80fb5673afa76793df204465ecryptolocker.exe
- Size
  
  35KB
- MD5
  
  be8bcee80fb5673afa76793df204465e
- SHA1
  
  dd1c4eb8d4e5bc701291105955b8310d9447cee0
- SHA256
  
  3b4192405e91baefc50fa568c036098cd397ee8b495defde9be8e1b21b44fc1d
- SHA512
  
  50df228b4ed585f3eb0c6ccffe9bb08a84b3ef80ad682224ebf9b2b706e0d2c716bc6b7797f15a7c0c0ad9aaf88791b3e9015fbe7145db8e2cb25640845f0652
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAgmEzXKxA+T9rj:bAvJCYOOvbRPDEgXRc+BAILiJj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2