General
-
Target
2024-02-12_eb736f1d90f6a49e601b286f36acc564_cryptolocker
-
Size
385KB
-
Sample
240212-y8rtzsdd24
-
MD5
eb736f1d90f6a49e601b286f36acc564
-
SHA1
738d72c67af3392b7f43f85ec7f99a1cf69113c3
-
SHA256
ecf7ef29b566affe1a7fd3fc9b458509f358acbfa131099964bf4d2492fb459d
-
SHA512
adb62229148d9b21be9f785de087b2c21f2d6c2b25d1cd877d06b7cb92b6c3ae82193ba0c366c51c5fe9430feb9ef033bf13a992a18508a67ee3cc4f32f6eb51
-
SSDEEP
6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXh:nnOflT/ZFIjBz3xjTxynGUOUhXh
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_eb736f1d90f6a49e601b286f36acc564_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-12_eb736f1d90f6a49e601b286f36acc564_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-12_eb736f1d90f6a49e601b286f36acc564_cryptolocker
-
Size
385KB
-
MD5
eb736f1d90f6a49e601b286f36acc564
-
SHA1
738d72c67af3392b7f43f85ec7f99a1cf69113c3
-
SHA256
ecf7ef29b566affe1a7fd3fc9b458509f358acbfa131099964bf4d2492fb459d
-
SHA512
adb62229148d9b21be9f785de087b2c21f2d6c2b25d1cd877d06b7cb92b6c3ae82193ba0c366c51c5fe9430feb9ef033bf13a992a18508a67ee3cc4f32f6eb51
-
SSDEEP
6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXh:nnOflT/ZFIjBz3xjTxynGUOUhXh
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-