General
Target: 2024-01-25_a9d2346b879000d8683da1102604210e_cryptolocker
Size: 40KB
Sample: 240125-v5gcascffn
MD5: a9d2346b879000d8683da1102604210e
SHA1: ce453f13f3568629cf2463a9e97bde3c7f109021
SHA256: 9428e9731d6599a663b3e02e4baa2ad00d2f764653bb39abbd40fc486bbbbfb5
SHA512: 4fc97eeb25fa32dc9cd8e84fbf699f34459cf5543cff117486b6fe75925eda1d9c4790bec28073045e0c57fc66da03d578161d9fb20100083dec113b97fcfcc0
SSDEEP: 384:60VkMq01bJ3wtEwPS8HLEh+Jagz+3be+26aIIcVRYpetOOtEvwDpjqIGRmdHzOOo:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/G
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-25_a9d2346b879000d8683da1102604210e_cryptolocker.exe
Resource: win7-20231215-en
Malware Config
Targets
Target: 2024-01-25_a9d2346b879000d8683da1102604210e_cryptolocker
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-