General

Malware Config

Signatures

Files

• 2024-01-25_9b5c4613dc241dfa68ecfa73cc7cf1d3_cryptolocker

  .exe windows:5 windows x86 arch:x86

  021d5e7849e90fdf4c65d3045c109483

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  UpdateWindow

  LoadCursorA

  ShowWindow

  PostQuitMessage

  GetMessageA

  EndPaint

  DispatchMessageA

  BeginPaint

  TranslateMessage

  CreateWindowExA

  RegisterClassExA

  DefWindowProcA

  MessageBoxA

  SendMessageA

  DestroyWindow

  LoadIconA

  GetWindowRect

  SetWindowPos

  kernel32

  GetCurrentThreadId

  CreateFileA

  GetLastError

  lstrcpyA

  GetModuleHandleA

  GetCommandLineA

  FindFirstFileA

  GetCurrentDirectoryA

  FindClose

  GetFileSize

  FindNextFileA

  DeleteFileA

  CloseHandle

  GetCurrentProcessId

  GetCurrentProcess

  gdi32

  CreateFontIndirectA

  Sections

  .text

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 536B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .ropf

  Size: 512B - Virtual size: 101B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ