General
-
Target
2024-04-27_5cd615f24dc71dd168857e0110dcff9f_cryptolocker
-
Size
50KB
-
Sample
240427-2f8htaaa63
-
MD5
5cd615f24dc71dd168857e0110dcff9f
-
SHA1
6aed6781bac818808006d9533e52592c1793afe3
-
SHA256
cb288961e4fa01d474ba545bbac0cff34361050277f863569b902257be224056
-
SHA512
708dade6c9a39d993f441ffa1009daf071fd1d8b483e17a28ac08bd862f8ece0c3b56c42138347287535ec88ba996aa2f44ffc2a3db92ac69f2ac99a0be4a4aa
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRHnzO:6j+1NMOtEvwDpjr8hhX9i
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-27_5cd615f24dc71dd168857e0110dcff9f_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-04-27_5cd615f24dc71dd168857e0110dcff9f_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-