General
-
Target
2024-02-22_10c24dcc69a62127ce58d390091a317e_cryptolocker
-
Size
31KB
-
Sample
240222-z84dfsfc6s
-
MD5
10c24dcc69a62127ce58d390091a317e
-
SHA1
77999bdef98ad0131c88956dd0d11463f45dd8ee
-
SHA256
1306752b59ffdb15f4a3cd61c54cbc400d71207cee150dd67dd45e90987a7932
-
SHA512
c0cab91d3c5a7d6a821ac06af3c22368581e55ef590262666435af17b56d8c27a2b1d48dadb9246d5d83a2f7c6519eb395b4ea5254f3fb1f9aa6f2f1d5051d60
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUssoYY:b/yC4GyNM01GuQMNXw2PSjWoYY
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-22_10c24dcc69a62127ce58d390091a317e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-22_10c24dcc69a62127ce58d390091a317e_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
Target
2024-02-22_10c24dcc69a62127ce58d390091a317e_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-