General

Target: 2024-02-23_09d3a990dd83668d4d9b542898b6a068_cryptolocker
Size: 28KB
Sample: 240223-ld4h3sef69
MD5: 09d3a990dd83668d4d9b542898b6a068
SHA1: 8980670d331947a9aef93fc2913c0ebc7860ae39
SHA256: 3f10149a0cf764ae340d96ce2a15a16bd2a94067540dac6310482c587dad5cb0
SHA512: 6b17e9f4a1a5fa0d6a84f51f8bfa5fc714e53a8dbb58b8b00c69638319fd504c7c9d5dcee302925e41f8a8b7071125b13c0728162610deb8e7fdb3b6f7e5ad3a
SSDEEP: 384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+Ui:b/yC4GyNM01GuQMNXum+n

Static task: static1

Behavioral task: behavioral1
Sample: 2024-02-23_09d3a990dd83668d4d9b542898b6a068_cryptolocker.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-02-23_09d3a990dd83668d4d9b542898b6a068_cryptolocker.exe
Resource: win10v2004-20240221-en

Malware Config
Targets
Score: 9/10

Detection of CryptoLocker Variants

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.