2024-01-23_be06aa29fc0b62250a35cd1433377ed8_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_be06aa29fc0b62250a35cd1433377ed8_cryptolocker
Size

60KB
MD5

be06aa29fc0b62250a35cd1433377ed8
SHA1

d3e2c96db7039cc1e4f48f4453df2de03ad5f705
SHA256

1457e37a9bed8a156388b757f6ecd8e128ff16632e3791d30d11fef31b7587c8
SHA512

f609670be53cd9772236078bbec86b8369ff5eea40cf124e9aa4daacf1a28017bc12c80c4ae1a92d15d17cdbfa440226ff3b3a0a38f86975881579bb3e43e87e
SSDEEP

768:F6LsoEEeegiZPvEhHSG+g2MiQtOOtEvwDpjB:F6QFElP6n+gziQMOtEvwDpjB

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Detection of Cryptolocker Samples 1 IoCs

resource	yara_rule
sample	CryptoLocker_set1

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_be06aa29fc0b62250a35cd1433377ed8_cryptolocker

Files

2024-01-23_be06aa29fc0b62250a35cd1433377ed8_cryptolocker
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rlwEs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.wdbm
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.epwjdwx
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RisVgtS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.zKnY
Size: 1024B - Virtual size: 753B

IMAGE_SCN_MEM_READ