General
Target: 2024-02-22_f951ec5a685e1ba9d5041a46682f3606_cryptolocker
Size: 38KB
Sample: 240222-2pc39sga7s
MD5: f951ec5a685e1ba9d5041a46682f3606
SHA1: f9ecc4c2979fd747258c84287b718a141720d70c
SHA256: 048fcc7d8cda5d76e448cd478f0983a71f7231a332a1fe6ee85410b09cf676b6
SHA512: 411d99cf373a713f2380a81f11d0e942ddd5f87415fd8ade8006fe4a0cd5f100862fb05b6d893cfda6231e9ed4111c89d72ebc8ff167f6d69c31c23ced1cc9ff
SSDEEP: 384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AJvDSuYlxugfk:b/yC4GyNM01GuQMNXw2PSjHPbSuYlC

Static task: static1

Behavioral task: behavioral1
Sample: 2024-02-22_f951ec5a685e1ba9d5041a46682f3606_cryptolocker.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-02-22_f951ec5a685e1ba9d5041a46682f3606_cryptolocker.exe
Resource: win10v2004-20240221-en

Malware Config
Targets
Target: 2024-02-22_f951ec5a685e1ba9d5041a46682f3606_cryptolocker
Score: 9/10

Detection of CryptoLocker Variants

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.