General
-
Target
2024-01-25_e544072e1ad79a163137695486aa0256_cryptolocker
-
Size
80KB
-
Sample
240125-tbq4zaaba2
-
MD5
e544072e1ad79a163137695486aa0256
-
SHA1
a5ed04e3e7b734f3f29215869dbf9b0fe6b8874d
-
SHA256
9331f721bff96d9211a48d60defc44899844996c0f68025f47843e60f191e0f2
-
SHA512
397312321c6127ac20bb2b0aee67d255172fb34deb0801771739847484c26797fa9f730eb9c64575fc319df4a73ec57af8ffee123ba2fb2573d0d7cc39cf855c
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOT78:T6a+rdOOtEvwDpjNQ
Behavioral task
behavioral1
Sample
2024-01-25_e544072e1ad79a163137695486aa0256_cryptolocker.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
2024-01-25_e544072e1ad79a163137695486aa0256_cryptolocker
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-