bc97a4a68c08d7fecffc06b7925530b91889c840d51874c8781eef3d3f3971ee | Triage

Sharing

General

Target

20240521a8a4018b79c77a0cb13644dc06adecebcryptolocker.exe
Size

68KB
Sample

240522-xyzamsdd57
MD5

a8a4018b79c77a0cb13644dc06adeceb
SHA1

e41389b74f55de64cd2937d2c4b9a33d398aed84
SHA256

bc97a4a68c08d7fecffc06b7925530b91889c840d51874c8781eef3d3f3971ee
SHA512

3f9350a243476eba72e1e3c7cc943947c9413786f21a6119db825a73d63309de94f976bd74f08114dcfeab56e4515487fe210f99518bb0254a42c8a2b0e99606
SSDEEP

768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFII:6j+1NMOtEvwDpjr8ox8UDEpN/jV

Score

7^/10

Malware Config

Targets

- Target
  
  20240521a8a4018b79c77a0cb13644dc06adecebcryptolocker.exe
- Size
  
  68KB
- MD5
  
  a8a4018b79c77a0cb13644dc06adeceb
- SHA1
  
  e41389b74f55de64cd2937d2c4b9a33d398aed84
- SHA256
  
  bc97a4a68c08d7fecffc06b7925530b91889c840d51874c8781eef3d3f3971ee
- SHA512
  
  3f9350a243476eba72e1e3c7cc943947c9413786f21a6119db825a73d63309de94f976bd74f08114dcfeab56e4515487fe210f99518bb0254a42c8a2b0e99606
- SSDEEP
  
  768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFII:6j+1NMOtEvwDpjr8ox8UDEpN/jV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2