General
-
Target
2024-04-27_0e3d13aaff3ef7d0ee038ace59ff4bcc_cryptolocker
-
Size
38KB
-
Sample
240427-2a8avshh27
-
MD5
0e3d13aaff3ef7d0ee038ace59ff4bcc
-
SHA1
e519ae91ff709b390fbe97dce870f9d5139bfcd3
-
SHA256
8d8db10f6abeb6e7cb00a37dbfee83a14c81313552477ca78de1928f378b531f
-
SHA512
2ebb62fbbfaf4249164c37a09f83df89a197462f48a44ce8d3136d335d8eadc281782930a0348925f35c17b54a87cd91239fd0da54cb4d3f863041baba6acf4e
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY8:qDdFJy3QMOtEvwDpjjWMl7TZ
Behavioral task
behavioral1
Sample
2024-04-27_0e3d13aaff3ef7d0ee038ace59ff4bcc_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-27_0e3d13aaff3ef7d0ee038ace59ff4bcc_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-04-27_0e3d13aaff3ef7d0ee038ace59ff4bcc_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-