General
-
Target
2024-04-27_549da7ee761464d744109f35485633dd_cryptolocker
-
Size
44KB
-
Sample
240427-2fmlcaaa53
-
MD5
549da7ee761464d744109f35485633dd
-
SHA1
79dcb8475749700ef84c1be502f9a36f4f76effd
-
SHA256
ce5190286c8cc7400f51fd8c3bf9a55e862e061d434b025bc7a3cf744f5d2444
-
SHA512
32730ea5921b2823c0ca5152901291085aa007b34db1c885efa6e54627c891691055f39159698f73b5a8e6b1a5c2e5d4a46ca035e2a2d6591300f62e6aa4aea0
-
SSDEEP
768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMphej6NTJ:bc/y2lkF0+BeVF
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-27_549da7ee761464d744109f35485633dd_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-04-27_549da7ee761464d744109f35485633dd_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
Target
2024-04-27_549da7ee761464d744109f35485633dd_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-