General
-
Target
2024-04-26_6bf8beed47c0c78dae6a63be313b9fe3_cryptolocker
-
Size
38KB
-
Sample
240426-3ec6ysec34
-
MD5
6bf8beed47c0c78dae6a63be313b9fe3
-
SHA1
7394380b89d5f9a1885b649edb8e01c0dd4f8f26
-
SHA256
e904055dde3855993eb9758b0643ff119a2e26f499f379122602087410a8fca2
-
SHA512
9f4de4ee360828e7ac44a56789368eb5bd2503cc4ad4a43cfc46a7fc49e7820bbf6246c5004f482205317dc16122cbd1974ca264252a426f706f6a72a527d48d
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY1:qDdFJy3QMOtEvwDpjjWMl7TA
Behavioral task
behavioral1
Sample
2024-04-26_6bf8beed47c0c78dae6a63be313b9fe3_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-26_6bf8beed47c0c78dae6a63be313b9fe3_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
Target
2024-04-26_6bf8beed47c0c78dae6a63be313b9fe3_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-