Extracted

Extracted

• • Target

    5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9.exe

  • Size

    208KB

  • MD5

    12bc78e07cb69dd6ec32729240dbe537

  • SHA1

    7b7d9b115ec10074f7166ec3379fead6e816da59

  • SHA256

    5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9

  • SHA512

    c974592671b081d0af48c1aab9f9f02243773a081d9fadf70e3caa7454dca657b45bece27852397e74f601df1abdf5db496c821a5df624057355fd15c807e15a

  • SSDEEP

    3072:GXbUMNAwQ2Jpo/AkQCUyevi8xRpz81NADJ2:ibUMKwQ2J4ReviSjeKN

  Score

  10^/10

  cryptolockerransomware

  • CryptoLocker

    Ransomware family with multiple variants.

    ransomwarecryptolocker

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2