General
-
Target
2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker
-
Size
42KB
-
Sample
240425-c77yxsdh58
-
MD5
7f5fe52befb8a9c568c8ccd4ba07e719
-
SHA1
e0757e3384f73a47862c7bbc58a73ab4d34f15c1
-
SHA256
cc6f942cac11c2d1d66808800be9381ee0d302f1951a4117b969d7bea40c1111
-
SHA512
c0b662ff91208141b6ec9eec0d1392b1ae6d5d0e24927c79eb3daf73c56e579b6ea12d370df7dcee34e506430cba6b4ea13b6d9d345ca5e196c541dce372de1b
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9DUL:b/pYayGig5HjS3NPA9DY
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-25_7f5fe52befb8a9c568c8ccd4ba07e719_cryptolocker
-
Size
42KB
-
MD5
7f5fe52befb8a9c568c8ccd4ba07e719
-
SHA1
e0757e3384f73a47862c7bbc58a73ab4d34f15c1
-
SHA256
cc6f942cac11c2d1d66808800be9381ee0d302f1951a4117b969d7bea40c1111
-
SHA512
c0b662ff91208141b6ec9eec0d1392b1ae6d5d0e24927c79eb3daf73c56e579b6ea12d370df7dcee34e506430cba6b4ea13b6d9d345ca5e196c541dce372de1b
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9DUL:b/pYayGig5HjS3NPA9DY
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-