General
-
Target
2024-04-26_3b80cf5308c5abd0c76e67ca432dd0ba_cryptolocker
-
Size
30KB
-
Sample
240426-3c8j3sfa9v
-
MD5
3b80cf5308c5abd0c76e67ca432dd0ba
-
SHA1
5b25e86bbefa02836c672b93cf42b11c85b64c64
-
SHA256
744405b65a51b5ba0c8dbe6f5b82289663689151cd8353cac9fdaf4f79498f51
-
SHA512
ad733c61c4a15a0b10d6787d3206130ce97037a0d63f98741e909862a8b9e9665f6f7a4d6c98f11fb26b0b025de884c633ac305a3eae7dece0974c4d2007bfaf
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+U/hiP:b/yC4GyNM01GuQMNXum+nP
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-26_3b80cf5308c5abd0c76e67ca432dd0ba_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-26_3b80cf5308c5abd0c76e67ca432dd0ba_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-26_3b80cf5308c5abd0c76e67ca432dd0ba_cryptolocker
-
Size
30KB
-
MD5
3b80cf5308c5abd0c76e67ca432dd0ba
-
SHA1
5b25e86bbefa02836c672b93cf42b11c85b64c64
-
SHA256
744405b65a51b5ba0c8dbe6f5b82289663689151cd8353cac9fdaf4f79498f51
-
SHA512
ad733c61c4a15a0b10d6787d3206130ce97037a0d63f98741e909862a8b9e9665f6f7a4d6c98f11fb26b0b025de884c633ac305a3eae7dece0974c4d2007bfaf
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zznum+U/hiP:b/yC4GyNM01GuQMNXum+nP
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-