2024-01-06_cbdd277f79f39d6c162f00f4d3ad9842_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-06_cbdd277f79f39d6c162f00f4d3ad9842_cryptolocker
Size

85KB
MD5

cbdd277f79f39d6c162f00f4d3ad9842
SHA1

bf1c2c0b9946daa2b097f37e62eb30f735cbdc02
SHA256

a133b84254d2bf4fd2920ac77249d36938701df7d76964e9dd8f4bd2fcfa45e1
SHA512

105a3dea7ab54773af735049418e7f5a0f6caaf8056d1b308254f891dd74b3a83eac269e747f8032464152c410e6960cb9a4b725af5a51ef18c039a519166bea
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvzkxB2:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8z62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-06_cbdd277f79f39d6c162f00f4d3ad9842_cryptolocker

Files

2024-01-06_cbdd277f79f39d6c162f00f4d3ad9842_cryptolocker
.exe windows:5 windows x86 arch:x86

e021c9fc2c12265365fad587d43783fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

CreateFontIndirectA

Sections

.MPRESS1
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE