Static task
static1
Behavioral task
behavioral1
Sample
2024-02-20_f235f65a435d3e23add6ec5064486c62_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-20_f235f65a435d3e23add6ec5064486c62_cryptolocker.exe
Resource
win10v2004-20231215-en
General
-
Target
2024-02-20_f235f65a435d3e23add6ec5064486c62_cryptolocker
-
Size
96KB
-
MD5
f235f65a435d3e23add6ec5064486c62
-
SHA1
e807f78e0227cd16650c1a04001133155338d91e
-
SHA256
eb4c181c039d2a667adca2a783f40129c97ea67977ff26ed11656726e7d746a5
-
SHA512
421bfef8431c46cc45e1caa651b7fa7e9b54642e6b8a0685b4f847939f6df2a0cae95651e807c22b5ffc231d6a2ad6f5db0966461b1da891dc211d67e8f6c1bc
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgp0xy2:V6a+pOtEvwDpjtzr
Malware Config
Signatures
-
Detection of CryptoLocker Variants 1 IoCs
resource yara_rule sample CryptoLocker_rule2 -
Detection of Cryptolocker Samples 1 IoCs
resource yara_rule sample CryptoLocker_set1 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-20_f235f65a435d3e23add6ec5064486c62_cryptolocker
Files
-
2024-02-20_f235f65a435d3e23add6ec5064486c62_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 536B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ