General
-
Target
2024-04-03_fde2766362501f200acef96bc1cd847e_cryptolocker
-
Size
67KB
-
Sample
240403-g8tj5sab5t
-
MD5
fde2766362501f200acef96bc1cd847e
-
SHA1
c6971e8ea6a3fb3f696a32ef2b6af0390183422a
-
SHA256
5aa04981ac3f15389234c646c1b9c10a4dbf14a1a73378429fa24d75b401457a
-
SHA512
6c0fd108c56a6d27b3700120c323994960a01e2b7dcc269516e027c71a1144289e93b08eb63e34fd29fbbf99f03bf961bf5e0204084efb4fa8766f59ae21548b
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjY6UncAM:1nK6a+qdOOtEvwDpj/
Behavioral task
behavioral1
Sample
2024-04-03_fde2766362501f200acef96bc1cd847e_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-03_fde2766362501f200acef96bc1cd847e_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-04-03_fde2766362501f200acef96bc1cd847e_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-