General
-
Target
2024-01-25_5607a407a6cc703ab6aba2758bfc8afe_cryptolocker
-
Size
97KB
-
Sample
240125-szfgpsagbl
-
MD5
5607a407a6cc703ab6aba2758bfc8afe
-
SHA1
6e15a59455b34ecaca72d718a59c7b1c9f7c192a
-
SHA256
7663f3de526cdb52b869fd288b53ae297db3e616988bb8ec5f1c5505157a30f9
-
SHA512
3dcc442551d9c3fa65e2eb55a52de31c6cb74582988d21fa78d664f54f5f2ef7b0b8db2d87627a689864b931a1901c9f2877d433c3f80f878a96bf5afa985e7a
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjuvQx:zCsanOtEvwDpjS
Behavioral task
behavioral1
Sample
2024-01-25_5607a407a6cc703ab6aba2758bfc8afe_cryptolocker.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
2024-01-25_5607a407a6cc703ab6aba2758bfc8afe_cryptolocker
-
Size
97KB
-
MD5
5607a407a6cc703ab6aba2758bfc8afe
-
SHA1
6e15a59455b34ecaca72d718a59c7b1c9f7c192a
-
SHA256
7663f3de526cdb52b869fd288b53ae297db3e616988bb8ec5f1c5505157a30f9
-
SHA512
3dcc442551d9c3fa65e2eb55a52de31c6cb74582988d21fa78d664f54f5f2ef7b0b8db2d87627a689864b931a1901c9f2877d433c3f80f878a96bf5afa985e7a
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjuvQx:zCsanOtEvwDpjS
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-