General
-
Target
2024-04-26_59811059017beb5121b22f6293e56b72_cryptolocker
-
Size
55KB
-
Sample
240426-3d56cafb21
-
MD5
59811059017beb5121b22f6293e56b72
-
SHA1
ec3a4160fc4aa20d99294c98857e45903890c43a
-
SHA256
794db7e8fd0db90f0e146f8f0e15db769667f08c03358357d6d1d74a8a811ef9
-
SHA512
a93fdfa5b34a8e685a5fc9d79c36f50e8a315ca0bbba565f40e4d4a9180c0f1295148f2b3c870a03ab77b138cd669c2f6a911b636c2f991488b9f14eba7832ec
-
SSDEEP
768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjl+SA:bP9g/xtCS3Dxx0JSA
Behavioral task
behavioral1
Sample
2024-04-26_59811059017beb5121b22f6293e56b72_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-26_59811059017beb5121b22f6293e56b72_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
Target
2024-04-26_59811059017beb5121b22f6293e56b72_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-