General
-
Target
2024-04-25_d1b646a567264fa92ede6923382badad_cryptolocker
-
Size
42KB
-
Sample
240425-destzaea84
-
MD5
d1b646a567264fa92ede6923382badad
-
SHA1
0ca035fc91eb286386e29afcecfdb43b7f5ab014
-
SHA256
90c09d9b3033472cb3b42b0e8e02cc9b5fbd224cbe912868366c1a679bcf39d9
-
SHA512
b0f470b94798f698e0f37abc1e131323aea7bad8d4b8a5b36135270cbbc10f1e677f68f5e321958632d64fe6062e4744353b5b32e248c932cbe7f7081d30693f
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAJ:b/pYayGig5HjS3NPAJ
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-25_d1b646a567264fa92ede6923382badad_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-25_d1b646a567264fa92ede6923382badad_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-25_d1b646a567264fa92ede6923382badad_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-