General
-
Target
2024-02-22_aa64fef12286342a6b5de2fd9bfa853c_cryptolocker
-
Size
31KB
-
Sample
240222-wdfr5adc3v
-
MD5
aa64fef12286342a6b5de2fd9bfa853c
-
SHA1
ba4466c2fb7148c92849694d428a46dc07c5d3b9
-
SHA256
a916bf519645d34dc9a55f47fb864b9074406be5311a88dd5193ddef8262a3e0
-
SHA512
e206e59e7fc494197258ae65c08d459a7fd66d6741ba65b09f1185f972511f3168a867a875daed6850c3be789f4fbe84bc272c1639501ac818bf53aea6604909
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUssoYL:b/yC4GyNM01GuQMNXw2PSjWoYL
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-22_aa64fef12286342a6b5de2fd9bfa853c_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-02-22_aa64fef12286342a6b5de2fd9bfa853c_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-22_aa64fef12286342a6b5de2fd9bfa853c_cryptolocker
-
Size
31KB
-
MD5
aa64fef12286342a6b5de2fd9bfa853c
-
SHA1
ba4466c2fb7148c92849694d428a46dc07c5d3b9
-
SHA256
a916bf519645d34dc9a55f47fb864b9074406be5311a88dd5193ddef8262a3e0
-
SHA512
e206e59e7fc494197258ae65c08d459a7fd66d6741ba65b09f1185f972511f3168a867a875daed6850c3be789f4fbe84bc272c1639501ac818bf53aea6604909
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUssoYL:b/yC4GyNM01GuQMNXw2PSjWoYL
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-