Behavioral task
behavioral1
Sample
3e30139a506dd7581f6f716e8f184cbc_cryptolocker_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
3e30139a506dd7581f6f716e8f184cbc_cryptolocker_JC.exe
Resource
win10v2004-20230703-en
General
-
Target
3e30139a506dd7581f6f716e8f184cbc_cryptolocker_JC.exe
-
Size
97KB
-
MD5
3e30139a506dd7581f6f716e8f184cbc
-
SHA1
a48d840c1f4eb86fe441aee769cf4b2eae56d64e
-
SHA256
f65b71fad30040c60fcaf3eb5143853d9e43a649fbc3bdc2f549f164dff313bb
-
SHA512
3204fdce876e5107dbd6f5f5829c6c7f9ffa072355a7c594c6237a410febd8c503531a13a54345934c6dc2fdaa2d21ef2a7d58e7cd37135af0384f3dc80df4e7
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6Gjv:1nK6a+qdOOtEvwDpjD
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3e30139a506dd7581f6f716e8f184cbc_cryptolocker_JC.exe
Files
-
3e30139a506dd7581f6f716e8f184cbc_cryptolocker_JC.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 20KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ap0x Size: 1024B - Virtual size: 785B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE