General
-
Target
2024-02-23_63a255ba2161eccedf74ee312c42bda6_cryptolocker
-
Size
34KB
-
Sample
240223-jeym4sdd4t
-
MD5
63a255ba2161eccedf74ee312c42bda6
-
SHA1
744ec005642d7dbaff7207092b257d24f91c3645
-
SHA256
b81ac905cf95ea885d23ca3dc04aadf990918dc57e5e671ea53f925e2896e7e2
-
SHA512
aefa8d6639ecd22157c729588beda48d9fc848026f4c523810c8aca232aa68823720b045cd576073674debb8186dd4ee83b56c4043c6486576d7dd1e71fe6bd8
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzu02lOQA3U:b/yC4GyNM01GuQMNXw2PSjHC02ltAk
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-23_63a255ba2161eccedf74ee312c42bda6_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-23_63a255ba2161eccedf74ee312c42bda6_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-23_63a255ba2161eccedf74ee312c42bda6_cryptolocker
-
Size
34KB
-
MD5
63a255ba2161eccedf74ee312c42bda6
-
SHA1
744ec005642d7dbaff7207092b257d24f91c3645
-
SHA256
b81ac905cf95ea885d23ca3dc04aadf990918dc57e5e671ea53f925e2896e7e2
-
SHA512
aefa8d6639ecd22157c729588beda48d9fc848026f4c523810c8aca232aa68823720b045cd576073674debb8186dd4ee83b56c4043c6486576d7dd1e71fe6bd8
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzu02lOQA3U:b/yC4GyNM01GuQMNXw2PSjHC02ltAk
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-