Static task
static1
Behavioral task
behavioral1
Sample
2024-02-28_cde14e53d232b0bc23ba223b32f41fde_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-28_cde14e53d232b0bc23ba223b32f41fde_cryptolocker.exe
Resource
win10v2004-20240226-en
General
-
Target
2024-02-28_cde14e53d232b0bc23ba223b32f41fde_cryptolocker
-
Size
38KB
-
MD5
cde14e53d232b0bc23ba223b32f41fde
-
SHA1
528dde33ff1f0e61521bd00007132e6c28e24035
-
SHA256
384fd36b9fe46c5ab71034fd5ddbfb4f3b1e795cdee66d198a6dd68cdd4f7136
-
SHA512
6ad6a1b1c4f3fe897912cde17b38df917e495aec051e4a2d1af0aad63b2c5ad6c6b67a01e03ccbcb6448b672998430bc901bca902208603f4308c1e88b4b4171
-
SSDEEP
768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkLHwc:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLT
Malware Config
Signatures
-
Detection of CryptoLocker Variants 1 IoCs
resource yara_rule sample CryptoLocker_rule2 -
Detection of Cryptolocker Samples 1 IoCs
resource yara_rule sample CryptoLocker_set1 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-02-28_cde14e53d232b0bc23ba223b32f41fde_cryptolocker
Files
-
2024-02-28_cde14e53d232b0bc23ba223b32f41fde_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 536B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.yya Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ