General
Target: 2024-04-26_4e0b30afce57c9ed76e4f154d702d31c_cryptolocker
Size: 42KB
Sample: 240426-3dwxnsec27
MD5: 4e0b30afce57c9ed76e4f154d702d31c
SHA1: 5471e96b51b1c8ea8b217223ceaed0a50bd8477e
SHA256: 7a53c7a65bd97ad00175b63cc9b21a3b04e3cc7ef3270dbf5b74d07b3414fb01
SHA512: 9eea96e0f2ecd3d69e79b3da1b9b5db2aad271e8a44e9bb222992067a21fddbe5a23d9e088b62330d3c273eb49438878b412c70aa1ab8f3c95a98188957c809b
SSDEEP: 768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAy:b/pYayGig5HjS3NPAy
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-26_4e0b30afce57c9ed76e4f154d702d31c_cryptolocker.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-04-26_4e0b30afce57c9ed76e4f154d702d31c_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-04-26_4e0b30afce57c9ed76e4f154d702d31c_cryptolocker
Score: 9/10

Detection of CryptoLocker Variants

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.