General
Target
2024-04-25_fb735b9d44cea9d4d002b9efe7ce3314_cryptolocker
Size
42KB
Sample
240425-djn2kseb73
MD5
fb735b9d44cea9d4d002b9efe7ce3314
SHA1
cbefa2179c711857ed74674261b3ca76d24f7223
SHA256
a57a354594147a413f4dd08db9d43d4c6cef41b4f046cfefe8ec1b8b2bfdd198
SHA512
374ab0556344978a3326efc3f022d1f8523d4a9b1fec2d99015bda1838a90e7b617755af8b22d4f7f3f6af0b32491f44e3b79cdb32cad97a0aef0ffd45acec84
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAO:b/pYayGig5HjS3NPAO
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-25_fb735b9d44cea9d4d002b9efe7ce3314_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-25_fb735b9d44cea9d4d002b9efe7ce3314_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-25_fb735b9d44cea9d4d002b9efe7ce3314_cryptolocker
Score
9/10

Detection of CryptoLocker Variants

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.