General
-
Target
2024-04-26_6f5e2da571526a4eae467d2ea49aa530_cryptolocker
-
Size
38KB
-
Sample
240426-3s3c1aee88
-
MD5
6f5e2da571526a4eae467d2ea49aa530
-
SHA1
e3eaf6ec84e9a19b50b157b2d0c928290b814c8b
-
SHA256
cadbbcbc1fc76d366bbfce7eddac3905ea014b3e4fed5ba699a66eca24c45c02
-
SHA512
fa91d2fad00573de6aec0fd81771ccc3b45f0feb4c0c01b7f5d9df7932cdbfcc20496b0e9810bcd8134d7be0d8e30c2ce773b10fa5d436a90a78ba97bb989c6d
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBv:qDdFJy3QMOtEvwDpjjWMl7TdZ
Behavioral task
behavioral1
Sample
2024-04-26_6f5e2da571526a4eae467d2ea49aa530_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-26_6f5e2da571526a4eae467d2ea49aa530_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-04-26_6f5e2da571526a4eae467d2ea49aa530_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-