General
-
Target
2024-03-11_9bbc3654bf035bf853d9d15d3864b2bc_cryptolocker
-
Size
49KB
-
Sample
240311-bykatsgh79
-
MD5
9bbc3654bf035bf853d9d15d3864b2bc
-
SHA1
500a4b8253adc2b189401d3be3059e4104ebe2c6
-
SHA256
48a489e581639a66722b8c08dad46a77be4f106ac44903100f86ef3cae4ce421
-
SHA512
96b44c20f8c46a56eb6d13cabf1ce7422cb60cef6ba6c91e80dd5e9d9f9a14bf57f34ff3751d7ad1f4a328e3404653b7c6bf506bcb7aec230d09b2e29b289072
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6Impy1:BbdDmjr+OtEvwDpjMy
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-11_9bbc3654bf035bf853d9d15d3864b2bc_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-11_9bbc3654bf035bf853d9d15d3864b2bc_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-11_9bbc3654bf035bf853d9d15d3864b2bc_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-