2024-01-09_bd4b8271293e36e25c624e8254ac562d_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-09_bd4b8271293e36e25c624e8254ac562d_cryptolocker
Size

46KB
MD5

bd4b8271293e36e25c624e8254ac562d
SHA1

b97d6ae0f24598836bbd7b3b25c08f8c5c9a50e1
SHA256

73a6fbf59475cee4c7af44700bb144ed872e772fa4b2e501a48db224f5a5e7e1
SHA512

2fa3552c841a22197a3770ee6b404f1b656a0f713371c010f40cff7de61911f67fff51992f40e6bfd084524fc058756a91b97945dc36d4dac7a4a442e6495b01
SSDEEP

768:btB9g/WItCSsAGjX7r3BPOMHoc/QQJP5wjvaHt:btB9g/xtCSKfxLIc/E2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-09_bd4b8271293e36e25c624e8254ac562d_cryptolocker

Files

2024-01-09_bd4b8271293e36e25c624e8254ac562d_cryptolocker
.exe windows:5 windows x86 arch:x86

a2bfa209044e11b72a41f731968fdff2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
DispatchMessageA
DrawTextA
EndPaint
TranslateMessage
PostQuitMessage
ShowWindow
UpdateWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
MessageBoxA
SendMessageA
DestroyWindow
LoadIconA
LoadCursorA
SetWindowPos
GetWindowRect
GetMessageA
DialogBoxParamA

kernel32

GetLastError
lstrcpyA
GetModuleHandleA
GetCommandLineA
GetCurrentDirectoryA
CloseHandle
GetCurrentProcessId
GetCurrentProcess
CreateFileA

gdi32

CreateFontIndirectA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ