2024-04-20_290a3f245f6893a89bfd29b7fb27495d_cryptolocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-20_290a3f245f6893a89bfd29b7fb27495d_cryptolocker
Size

5.5MB
MD5

290a3f245f6893a89bfd29b7fb27495d
SHA1

365591a33c39acb35c0d13feaa890e4e9b95c418
SHA256

2f8643cde84fe07e79ada36c8d8685943fb6c9ef1d81f202829859618f5b6a69
SHA512

7c535ed1fabae5c56b9cbb590e8d1e5b30de0b505d5595e65a4eafe087e8377ef1cad4783b0bc846c3b18cd433da30b5c47be5c9ade834b638aa99b2faa54f46
SSDEEP

98304:B2TI98GkoP+kfhZ5Tgm7jdwg+Zl3dKxikhFmg+47eggcgiP05h2VI:OI1PvfhfhOZzkzmg+8egrgh1

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-20_290a3f245f6893a89bfd29b7fb27495d_cryptolocker

Files

2024-04-20_290a3f245f6893a89bfd29b7fb27495d_cryptolocker
.exe windows:5 windows x86 arch:x86

d234aa15b2f3e24689c37424e8f7571e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
CharUpperBuffW

kernel32

GetLastError
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

gdi32

CreateFontIndirectA

Sections

.text
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pky
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ppc
Size: - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Irc
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

."Z.
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.%fA
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d234aa15b2f3e24689c37424e8f7571e

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: - Virtual size: 11KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 1KB

.pky Size: - Virtual size: 10KB

.Ppc Size: - Virtual size: 536B

.htext Size: - Virtual size: 4KB

.Irc Size: - Virtual size: 3.0MB

."Z. Size: 1024B - Virtual size: 976B

.%fA Size: 5.5MB - Virtual size: 5.5MB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: - Virtual size: 11KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 1KB

.pky
Size: - Virtual size: 10KB

.Ppc
Size: - Virtual size: 536B

.htext
Size: - Virtual size: 4KB

.Irc
Size: - Virtual size: 3.0MB

."Z.
Size: 1024B - Virtual size: 976B

.%fA
Size: 5.5MB - Virtual size: 5.5MB

.rsrc
Size: 11KB - Virtual size: 10KB