General
-
Target
2024-02-12_fd57f8d848b1d3b1a979e63872c71568_cryptolocker
-
Size
34KB
-
Sample
240212-wj9bmacd89
-
MD5
fd57f8d848b1d3b1a979e63872c71568
-
SHA1
a8631905d00446deee247d6d22b772587b4ab4da
-
SHA256
7d16d2e8b5dafb6df11780dfd337eb809429afdd284c97b09a19e1b933928885
-
SHA512
81c6c132f2266fee2a0a0a7a3fda7e7b4861e07c40f4ccc3efdfd7d6a9f5d186bc771831f5d79bbe4e64e40d8044c90a96f6483d6088a3f45344dd0a8a17d1e1
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZP8j:b/yC4GyNM01GuQMNXw2PSj1Ph8j
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_fd57f8d848b1d3b1a979e63872c71568_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-12_fd57f8d848b1d3b1a979e63872c71568_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
Target
2024-02-12_fd57f8d848b1d3b1a979e63872c71568_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-