General
-
Target
2024-03-25_797e8676c9a60f7184d29c8aed3cd661_cryptolocker
-
Size
43KB
-
Sample
240325-3qt9lsah23
-
MD5
797e8676c9a60f7184d29c8aed3cd661
-
SHA1
40a2bf3d0742669920ca3364cc9289b7a6480f4e
-
SHA256
6a8233e368cc0fdb198bc895ead506cb095cabaff18da4dba51b86c05437e927
-
SHA512
3fdaa254e1c540e7a195babeb7120f26a32bf2496348fefb544bfb1e5c85f9e18f464ee9d5dd4830e4252b965d80f2845cb716005c609dd77016754de93f5e16
-
SSDEEP
768:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+syQNAP:bgGYcA/53GADw8Cl/nP
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-25_797e8676c9a60f7184d29c8aed3cd661_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-25_797e8676c9a60f7184d29c8aed3cd661_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-