General
Target: 2024-04-25_fbabe811962dbabc318d90af9b530afd_cryptolocker
Size: 42KB
Sample: 240425-et2wvsfc3w
MD5: fbabe811962dbabc318d90af9b530afd
SHA1: 86cfbe8ce7b7566d568d673cc5a2d26954ed6455
SHA256: b285c13cba0f9bcc6d296109e16da4080778b3d60cf867aa2fae4ab548b95976
SHA512: 6a92eae5af5ba69205532785cbee5dfbfa0b67b75797f9be81de1e23e71f0b2bc55ba508a5355dd505b14338316cd82a8a302bd8b490c6270cedd6bb504c53d6
SSDEEP: 768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAe:b/pYayGig5HjS3NPAe
Static task: static1

Behavioral task: behavioral1
Sample: 2024-04-25_fbabe811962dbabc318d90af9b530afd_cryptolocker.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-04-25_fbabe811962dbabc318d90af9b530afd_cryptolocker.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-25_fbabe811962dbabc318d90af9b530afd_cryptolocker
Score: 9/10

Detection of CryptoLocker Variants

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.