General
-
Target
2024-02-12_12f666b985d3de305db25b121e3c17f8_cryptolocker
-
Size
128KB
-
Sample
240212-y59kmabe9t
-
MD5
12f666b985d3de305db25b121e3c17f8
-
SHA1
a435d05ebccdb6a7be49b027568e7ca393fe467b
-
SHA256
04df7ff9517f3ad6a6eb2c262cb1242179f89d6151c160b47ff6211c8297be81
-
SHA512
a77e7a5a7a5b03597cb0c1aa3fb1665ead1bd58ae108bd6f6160dea3a661856ca2266902f15be08c1d36a28fd8fdbf285eaf659c30af4046016a1cc978614c6e
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1ejU2:AnBdOOtEvwDpj6z1
Behavioral task
behavioral1
Sample
2024-02-12_12f666b985d3de305db25b121e3c17f8_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-12_12f666b985d3de305db25b121e3c17f8_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-02-12_12f666b985d3de305db25b121e3c17f8_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-