General
Target: 2024-02-12_12b9b777b60f977d397608c4792b2f1a_cryptolocker
Size: 71KB
Sample: 240212-y5577sdc63
MD5: 12b9b777b60f977d397608c4792b2f1a
SHA1: abd2774d44a63b0db178caa3a14ec00218ae9249
SHA256: 18ba12b21d2cdb30dc438e15f88b6453386eaa9af790a4eb5ba8f809ae1f2fe6
SHA512: bb0c6de5298be7b0be27ad47cb3babd953c799c4579392dea5360f1937da0c2cb2d7eded769d535d202229207a1be9e70b5d57dff844b562d3a20ec12696ba91
SSDEEP: 1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalel:1nK6a+qdOOtEvwDpjJ

Behavioral task: behavioral1
Sample: 2024-02-12_12b9b777b60f977d397608c4792b2f1a_cryptolocker.exe
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 2024-02-12_12b9b777b60f977d397608c4792b2f1a_cryptolocker.exe
Resource: win10v2004-20231215-en

Malware Config
Targets
Target: 2024-02-12_12b9b777b60f977d397608c4792b2f1a_cryptolocker
Score: 9/10

Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL