General
-
Target
2024-04-25_880011de62a3dfdd69437778ced9fb3c_cryptolocker
-
Size
34KB
-
Sample
240425-eev5rsfa2s
-
MD5
880011de62a3dfdd69437778ced9fb3c
-
SHA1
ac4c3803ba6c4bbee1f73b5d52a37f1c72a96f72
-
SHA256
1157b89b029cc97221ea17326ae0ffcf7153fdc427d059bb3c487e7bf75f9c48
-
SHA512
db5f734d9f085d3d9bbc4a892bdfec97d741b3607efc865a64abf4bf0796ad752c6b4cde2900ba0cd181f21249b54e5114cca692b4b7fa1284b65fec7d34c441
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6A0MFNeGQA:b/yC4GyNM01GuQMNXw2PSjH+VGQA
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-25_880011de62a3dfdd69437778ced9fb3c_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-25_880011de62a3dfdd69437778ced9fb3c_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-04-25_880011de62a3dfdd69437778ced9fb3c_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-