Static task
static1
Behavioral task
behavioral1
Sample
2024-03-11_1245cbd1c986a50fbc536685c49985e3_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-11_1245cbd1c986a50fbc536685c49985e3_cryptolocker.exe
Resource
win10v2004-20240226-en
General
-
Target
2024-03-11_1245cbd1c986a50fbc536685c49985e3_cryptolocker
-
Size
30KB
-
MD5
1245cbd1c986a50fbc536685c49985e3
-
SHA1
d0cf96b31f140dd546b3fefd5b99ef92ff409b9f
-
SHA256
4f9a85a779fed35549416cf4bef37d3662271c0e25782362d6af9eeae2bd6411
-
SHA512
7d852b76ece824f0f8859a2e57fe1f7247db5a85bbb30c1c8e0eac6a2c658bdc48d8ae037606424b3a7b9c86123454761c4037ca7e41a99f5e9013df4ea8057b
-
SSDEEP
768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIO/xuU:q0zizzOSxMOtEvwDpj/arQU
Malware Config
Signatures
-
Detection of CryptoLocker Variants 1 IoCs
resource yara_rule sample CryptoLocker_rule2 -
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-11_1245cbd1c986a50fbc536685c49985e3_cryptolocker
Files
-
2024-03-11_1245cbd1c986a50fbc536685c49985e3_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
ukiwGhLB Size: - Virtual size: 36KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MIZwSMcb Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE