General
-
Target
2024-02-12_bf2b5ada0d2138f4d5c15eeb185b6e11_cryptolocker
-
Size
35KB
-
Sample
240212-wdrvdscd28
-
MD5
bf2b5ada0d2138f4d5c15eeb185b6e11
-
SHA1
b63457f80eec3e8fc79d0c28163d7a18d1e1a8aa
-
SHA256
f97f29ee27ea80414842db170ed6fbb9eed35de82a8950fa193d405c097e53c9
-
SHA512
e05099db7e67f6495c1dc24ead0dd9d857780081eb69023f62c9eb36e7dccd702b5f29900c530f108166f9b549a7e1c7d6135bbe4b2410f429b05992064b59cc
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZ1aBg6:b/yC4GyNM01GuQMNXw2PSj1PrH6
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_bf2b5ada0d2138f4d5c15eeb185b6e11_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-12_bf2b5ada0d2138f4d5c15eeb185b6e11_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
Target
2024-02-12_bf2b5ada0d2138f4d5c15eeb185b6e11_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-