General
-
Target
2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker
-
Size
93KB
-
Sample
240426-3t7zwafe5v
-
MD5
de7c3a59e723220b86dc267ebd2d1ef7
-
SHA1
88ead96eec1a31778fb63414c49141658337aa17
-
SHA256
e2c25b719c0f9a6bd10dc42dd2db7314a7a476be1df36a6b0d1cc440193fe60b
-
SHA512
34765bebddd299064d81106ecc0f902a5a96a01adc7d2862170fdb7195f59e775e2b71aef65960d2d2de2147a70535b4bb81dd8ca03feb1203349403c06f3cc2
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+v:AnBdOOtEvwDpj6zM
Behavioral task
behavioral1
Sample
2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-26_de7c3a59e723220b86dc267ebd2d1ef7_cryptolocker
-
Size
93KB
-
MD5
de7c3a59e723220b86dc267ebd2d1ef7
-
SHA1
88ead96eec1a31778fb63414c49141658337aa17
-
SHA256
e2c25b719c0f9a6bd10dc42dd2db7314a7a476be1df36a6b0d1cc440193fe60b
-
SHA512
34765bebddd299064d81106ecc0f902a5a96a01adc7d2862170fdb7195f59e775e2b71aef65960d2d2de2147a70535b4bb81dd8ca03feb1203349403c06f3cc2
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+v:AnBdOOtEvwDpj6zM
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-