General
-
Target
2024-04-03_01d3708f625e32cffad681c167fc0f86_cryptolocker
-
Size
32KB
-
Sample
240403-hgbqpaag66
-
MD5
01d3708f625e32cffad681c167fc0f86
-
SHA1
9b72020bd0618b78c5334995e25a11d560109804
-
SHA256
c81e6139a75ec3d951726dee88eff075f54e6f3975372a663a18e2c7d2b8596e
-
SHA512
c6cad85cbf4ddd1240fe6b454279b6282ea86d60cffa5274ca79a4286fa1003b82e5f6d0e6b233148ee04160be727da7b3db44d5272e64755f10fb85f7fcb1a9
-
SSDEEP
384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM98KuI:bAvJCYOOvbRPDEgXRcuM98DI
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-03_01d3708f625e32cffad681c167fc0f86_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-03_01d3708f625e32cffad681c167fc0f86_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-04-03_01d3708f625e32cffad681c167fc0f86_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-