General
Target: 2024-01-25_5817e884398565369d2e2d219ee7bea1_cryptolocker
Size: 57KB
Sample: 240125-szlcyshgg7
MD5: 5817e884398565369d2e2d219ee7bea1
SHA1: d6c79333c1887a92c23ef5fa7880e05ee5abab55
SHA256: 1ed9e6a4452c35bbdf63020aec30b6b1504fb100ecea7937fbc27656e946816e
SHA512: 979a9bc52d78bd574d77a1cca2d906da72606bac2e546b98185d1f46ec08c03f7228f48dd03fa6a78c50c71662fba60dac04f76dad267a47a2228530e7d796c5
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwEh:xj+VGMOtEvwDpjubEgywEh
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-25_5817e884398565369d2e2d219ee7bea1_cryptolocker.exe
Resource: win7-20231215-en
Malware Config
Targets
Target: 2024-01-25_5817e884398565369d2e2d219ee7bea1_cryptolocker
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-