6a51c2db3700897bcc5a09f69b9b5494_cryptolocker_JC[.]exe | Triage

Sharing

General

Target

6a51c2db3700897bcc5a09f69b9b5494_cryptolocker_JC.exe
Size

75KB
MD5

6a51c2db3700897bcc5a09f69b9b5494
SHA1

92a38d06567d295ea08ac8c4255dea58d2706d9d
SHA256

54a8bca6e0fe67806b3bf70b865ec3052ae059803b6b2044c28cf163dd0b51aa
SHA512

ed78224b6b6657c6eb731ace74bc7391d0346283eabc4091d40e7906ce2fe440553d2794970de079904c9500e93ecd9f8e9d3f8a027e785051d6e2f151a39884
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKaz7KZxM:i5nkFGMOtEvwDpjNbwQEI8Utz7om

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a51c2db3700897bcc5a09f69b9b5494_cryptolocker_JC.exe

Files

6a51c2db3700897bcc5a09f69b9b5494_cryptolocker_JC.exe
.exe windows x86

e021c9fc2c12265365fad587d43783fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

CreateFontIndirectA

Sections

.MPRESS1
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE