Static task
static1
Behavioral task
behavioral1
Sample
2024-02-19_d66c59c7323d5e4bf7af45dacb7d3ddd_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-19_d66c59c7323d5e4bf7af45dacb7d3ddd_cryptolocker.exe
Resource
win10v2004-20231222-en
General
-
Target
2024-02-19_d66c59c7323d5e4bf7af45dacb7d3ddd_cryptolocker
-
Size
76KB
-
MD5
d66c59c7323d5e4bf7af45dacb7d3ddd
-
SHA1
5f41bf1bd20f7ae79f488b611ee5bd8df44ff6c5
-
SHA256
15f49a8b17f1962b7b6c68f7144d69781f8c5da36fa8dc7ff81e06e0796169cd
-
SHA512
e3093ec7f18499c8039c29b40251267cb3909fb1f544a93d37af7c139812e69506e0bbe68b5b1019e5afe75a9745ee9384f77accd41c5ccf49a5d05b583b3a15
-
SSDEEP
1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KuA5F:ZVxkGOtEvwDpjca2
Malware Config
Signatures
-
Detection of CryptoLocker Variants 1 IoCs
resource yara_rule sample CryptoLocker_rule2 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-19_d66c59c7323d5e4bf7af45dacb7d3ddd_cryptolocker
Files
-
2024-02-19_d66c59c7323d5e4bf7af45dacb7d3ddd_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 10KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
petite Size: 334B - Virtual size: 334B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ