2024-03-14_f5d07a6fe867476e0fa191cb58871661_cryptolocker

Sharing

Copy URL

Twitter E-mail

General

Target

2024-03-14_f5d07a6fe867476e0fa191cb58871661_cryptolocker
Size

5.5MB
MD5

f5d07a6fe867476e0fa191cb58871661
SHA1

0fdc4797214a9a5fed3edd45c28475f95df06482
SHA256

eb27a88f8463de21738a4b1e624b9fd0c882f7d9207cb1346e6297960cfb0cae
SHA512

d44c29dcf7ec70aad03e6be199d2e58106852bf94c427ad1176a629bc14b26d332f94f2ac594e4d8ca9a890411cb4f0d7b60845da8c283a16d16e30fddce7225
SSDEEP

98304:tGiPCjI9nGdFD8nBHm/lOs4HucAmD/YpJJRsH9KsUbIP8Z/AzdKfeT1:fP7aa3uzmD/IJR09KbMPkT01

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-03-14_f5d07a6fe867476e0fa191cb58871661_cryptolocker

Files

2024-03-14_f5d07a6fe867476e0fa191cb58871661_cryptolocker
.exe windows:5 windows x86 arch:x86

7d8b8176d47a48d247c5968aa71790c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
CharUpperBuffW

kernel32

GetLastError
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

gdi32

CreateFontIndirectA

Sections

.text
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b>w
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.$f0
Size: - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w86
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lvd
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w%@
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d8b8176d47a48d247c5968aa71790c4

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: - Virtual size: 11KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 1KB

.b>w Size: - Virtual size: 10KB

.$f0 Size: - Virtual size: 542B

.htext Size: - Virtual size: 4KB

.w86 Size: - Virtual size: 3.0MB

.Lvd Size: 1024B - Virtual size: 980B

.w%@ Size: 5.5MB - Virtual size: 5.5MB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: - Virtual size: 11KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 1KB

.b>w
Size: - Virtual size: 10KB

.$f0
Size: - Virtual size: 542B

.htext
Size: - Virtual size: 4KB

.w86
Size: - Virtual size: 3.0MB

.Lvd
Size: 1024B - Virtual size: 980B

.w%@
Size: 5.5MB - Virtual size: 5.5MB

.rsrc
Size: 11KB - Virtual size: 10KB