859fc1b6c120f8e64cf3ed92c628135d_cryptolocker_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

859fc1b6c120f8e64cf3ed92c628135d_cryptolocker_JC.exe
Size

53KB
MD5

859fc1b6c120f8e64cf3ed92c628135d
SHA1

69f3ffdc843b929a0490f29d365ca990f88a7dde
SHA256

9d049a000683fb8258fb2e760868230bd6087cbc506305a5768bfc8079812313
SHA512

bc5f1d15514643c2c34c490317ae071807ce41ed1b79bd08148e0592630e5ef0517c03069b1831d78562adb015e802a478965ada82a1bbd77914b1bc27c0ecce
SSDEEP

768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52ZZZ:6j+1NMOtEvwDpjr8ox8UZZZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859fc1b6c120f8e64cf3ed92c628135d_cryptolocker_JC.exe

Files

859fc1b6c120f8e64cf3ed92c628135d_cryptolocker_JC.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 17KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE