General
-
Target
2024-04-26_eb375ad724dfd98145a71abbb661c4c7_cryptolocker
-
Size
67KB
-
Sample
240426-w7xbzahf54
-
MD5
eb375ad724dfd98145a71abbb661c4c7
-
SHA1
aed75a1ba2694bacb4f2a864128f4cf30e4e8cd1
-
SHA256
b31970c7e135429c1ca4efd3a8c8046871dd4748faf94a433d05795352bf75fd
-
SHA512
ec576a6231a55b28121b30d49d12ee9fc62af466bdba50b37021685a5a66663857c4797585f41d77bbec26ed4c8837d192d1eada3b5bd968f05d524adf6aed39
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYibAoQRhN:1nK6a+qdOOtEvwDpjq
Behavioral task
behavioral1
Sample
2024-04-26_eb375ad724dfd98145a71abbb661c4c7_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-26_eb375ad724dfd98145a71abbb661c4c7_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-26_eb375ad724dfd98145a71abbb661c4c7_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-