2024-01-25_6aa9dc7ec27313680d7e1b46cca96379_cryptolocker | Triage

Sharing

General

Target

2024-01-25_6aa9dc7ec27313680d7e1b46cca96379_cryptolocker
Size

60KB
MD5

6aa9dc7ec27313680d7e1b46cca96379
SHA1

96035071222b15f2d217813e493de4603e06dcfc
SHA256

ae3f13a8327d605128769ff0f01ab6db0a428348c7e616700adb5f1f1c252fad
SHA512

b8b6970de92d56fbcf9519f1e13672e781becaf460eafe69d7b77164b235e800d4b25eb28ec77675d1815865e05d2d633d0f22243705fb4bc61539cd1fcaad8d
SSDEEP

768:F6LsoEEeegiZPvEhHSG+g2McQtOOtEvwDpjB:F6QFElP6n+gzcQMOtEvwDpjB

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Detection of Cryptolocker Samples 1 IoCs

resource	yara_rule
sample	CryptoLocker_set1

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-25_6aa9dc7ec27313680d7e1b46cca96379_cryptolocker

Files

2024-01-25_6aa9dc7ec27313680d7e1b46cca96379_cryptolocker
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rlwEs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.wdbm
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.epwjdwx
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RisVgtS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.zKnY
Size: 1024B - Virtual size: 753B

IMAGE_SCN_MEM_READ