General
-
Target
2024-02-12_6f9bdcded005cf7c07ad4ec72a6fe3a8_cryptolocker
-
Size
42KB
-
Sample
240212-ysa7asda95
-
MD5
6f9bdcded005cf7c07ad4ec72a6fe3a8
-
SHA1
ef9823df0d6345553d47f27e9ac78cb49cc7c4e9
-
SHA256
b17005019f573d087868a1d9413bc7c4922d437ec1a0586369a860b4a058885b
-
SHA512
80ad76e05e0f5a358039a9b849eb59217ce4624a234ea53a4fe5a904cd46eba85de1483ea534436a3ee6e36a9c902c9eae7464d8c70477c2bbf47dc4ef2caa7f
-
SSDEEP
768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMpheh:bc/y2lkF0+Be0
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_6f9bdcded005cf7c07ad4ec72a6fe3a8_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-12_6f9bdcded005cf7c07ad4ec72a6fe3a8_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2024-02-12_6f9bdcded005cf7c07ad4ec72a6fe3a8_cryptolocker
-
Size
42KB
-
MD5
6f9bdcded005cf7c07ad4ec72a6fe3a8
-
SHA1
ef9823df0d6345553d47f27e9ac78cb49cc7c4e9
-
SHA256
b17005019f573d087868a1d9413bc7c4922d437ec1a0586369a860b4a058885b
-
SHA512
80ad76e05e0f5a358039a9b849eb59217ce4624a234ea53a4fe5a904cd46eba85de1483ea534436a3ee6e36a9c902c9eae7464d8c70477c2bbf47dc4ef2caa7f
-
SSDEEP
768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMpheh:bc/y2lkF0+Be0
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-