General
Target: 2024-04-27_28ea5e7984bf10c0f200968800a1997e_cryptolocker
Size: 44KB
Sample: 240427-2cfzdsab9y
MD5: 28ea5e7984bf10c0f200968800a1997e
SHA1: 93c919c6d65c3e82aaa2c2eb164298cb1c7f81ca
SHA256: 175c603f5974dbbc1ca85598202f82e9fa1342dcddaf1b68ac99348975e15978
SHA512: 56c884292213c1cefe83b3855958f959d18e5ab7e83443f8b7025c7c6437225e91d20c04347b47a3db257346f9e33294768bbcd587600bd30be5573aa7314c08
SSDEEP: 768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMvcWp8EB0xx9:bc/y2lkF0+B2j8C0n9
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-27_28ea5e7984bf10c0f200968800a1997e_cryptolocker.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-04-27_28ea5e7984bf10c0f200968800a1997e_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-04-27_28ea5e7984bf10c0f200968800a1997e_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL