8c85a6e156813f63db7fe62a39947666_cryptolocker_JC[.]exe | Triage

Sharing

General

Target

8c85a6e156813f63db7fe62a39947666_cryptolocker_JC.exe
Size

54KB
MD5

8c85a6e156813f63db7fe62a39947666
SHA1

32a6820d6eb6a2140fe579941c0e587630d0e5b3
SHA256

c7841ddc5f23f32d6552df18609c5cfdd8d0000658154f72940f08089d09b34a
SHA512

d9d2af5dcab16aa4381700e92e4e18f949110ec84d142340a80b6eee2252eb51e8ddf44187a00ab5372b823440f1ff120e12643b1b5ac848ef436e5c0742c412
SSDEEP

768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I54ob:6j+1NMOtEvwDpjr8ox8CE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c85a6e156813f63db7fe62a39947666_cryptolocker_JC.exe

Files

8c85a6e156813f63db7fe62a39947666_cryptolocker_JC.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 17KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE