General
Target: 2024-01-25_bf5a5476023b750f22c129ebfd50709b_cryptolocker
Size: 85KB
Sample: 240125-s8zxpsaad5
MD5: bf5a5476023b750f22c129ebfd50709b
SHA1: 3995c17e4449c70a53284556e969113bb758ccf4
SHA256: 27a416ad2750933a743e28531c295611b8382882af3368a1f091a47a2bed4708
SHA512: 40f20bac3218454e2f8943ae6b7e05334275d11a9404f67f6ce61e261d4b58fa1af9ed13e45a5f66dd2ce165c6a8d2794aef20d0a8272ed07fc4f38fe1f9a286
SSDEEP: 768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtISO:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgU
Behavioral task: behavioral1
Sample: 2024-01-25_bf5a5476023b750f22c129ebfd50709b_cryptolocker.exe
Resource: win7-20231129-en
Malware Config
Targets
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL