General
-
Target
2024-02-12_590fe969d886bad01c5f1c2b026260db_cryptolocker
-
Size
64KB
-
Sample
240212-yp5xhabd4s
-
MD5
590fe969d886bad01c5f1c2b026260db
-
SHA1
e7a1ee3e58d370cf92b7439aa9bd37a55505908d
-
SHA256
bcc6aee40c0c611945460c6ac0242c7a2ce9b42bc9fae6ed4cd54671618a7607
-
SHA512
fe938180a2c9a6c2acbeac6e966933958a19c11e9bd970885a29c4a200a6b03e60ded365996b3fb7b15f0149b43939c7d74acc949b6cc1b0583b83b8da4dcf14
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpEhhaUlPIb:6j+1NMOtEvwDpjr8ox8UDEpuha8PIb
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_590fe969d886bad01c5f1c2b026260db_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-12_590fe969d886bad01c5f1c2b026260db_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-12_590fe969d886bad01c5f1c2b026260db_cryptolocker
-
Size
64KB
-
MD5
590fe969d886bad01c5f1c2b026260db
-
SHA1
e7a1ee3e58d370cf92b7439aa9bd37a55505908d
-
SHA256
bcc6aee40c0c611945460c6ac0242c7a2ce9b42bc9fae6ed4cd54671618a7607
-
SHA512
fe938180a2c9a6c2acbeac6e966933958a19c11e9bd970885a29c4a200a6b03e60ded365996b3fb7b15f0149b43939c7d74acc949b6cc1b0583b83b8da4dcf14
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpEhhaUlPIb:6j+1NMOtEvwDpjr8ox8UDEpuha8PIb
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-