2024-01-28_b0a1675179c7a3bc5ad9f7d7fa6a3bf8_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-28_b0a1675179c7a3bc5ad9f7d7fa6a3bf8_cryptolocker
Size

60KB
MD5

b0a1675179c7a3bc5ad9f7d7fa6a3bf8
SHA1

4b2eba9c48414e01e166a0941ce908f2ea9bd1e6
SHA256

ebf67a5cd129ccffd304516f5544892a7cc11babe064c68d506866b0b4b53667
SHA512

00a12557610356efc3e07ecc24ed047a65f1fc5de72b789f7772bc38f6a669838d8d452e65318b42ff7d07cc3efce629fa47535e433ef6b7892a335b2ead8bd1
SSDEEP

768:F6LsoEEeegiZPvEhHSG+g2MmQtOOtEvwDpjB:F6QFElP6n+gzmQMOtEvwDpjB

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Detection of Cryptolocker Samples 1 IoCs

resource	yara_rule
sample	CryptoLocker_set1

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-28_b0a1675179c7a3bc5ad9f7d7fa6a3bf8_cryptolocker

Files

2024-01-28_b0a1675179c7a3bc5ad9f7d7fa6a3bf8_cryptolocker
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rlwEs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.wdbm
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.epwjdwx
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RisVgtS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.zKnY
Size: 1024B - Virtual size: 753B

IMAGE_SCN_MEM_READ