General
-
Target
2024-02-23_76d908342030a91f397ac49f8947ce60_cryptolocker
-
Size
42KB
-
Sample
240223-lqklqseh45
-
MD5
76d908342030a91f397ac49f8947ce60
-
SHA1
d2c399460f711986a7e23a7c35713ba8978541c2
-
SHA256
13448075403b511ca1577496a89d23e64af097f838a433b0f9d45c4aad17b367
-
SHA512
913a77beb0e417b0d93d4dae230485e1720c39465ab92d9b2caa1d4ebbc85ecf8a3dde606d59e8a3d6cc287338caf7cdecb5ca7f8ba015b924fd09cd4af05612
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAZ:b/pYayGig5HjS3NPAZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-23_76d908342030a91f397ac49f8947ce60_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-02-23_76d908342030a91f397ac49f8947ce60_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-23_76d908342030a91f397ac49f8947ce60_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-