General
-
Target
2024-04-27_65458a97bac175a8c43ceb91584c6b83_cryptolocker
-
Size
87KB
-
Sample
240427-2gnj2aad31
-
MD5
65458a97bac175a8c43ceb91584c6b83
-
SHA1
b38e339e3318d60233b40b1acf753da64df9b05d
-
SHA256
e418916c32890325e375b16e8d6684edde99fde84db496f59cfdf9d84733aeb2
-
SHA512
e1458321b80be6559afc231adb4667d7b6339602d9724babd1a6f7bf3e0afd2ed72b09317bec2f97fee932c0be0cc26e87def5ccd9f913ec679a25b6e59901bf
-
SSDEEP
768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIODw:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgK
Behavioral task
behavioral1
Sample
2024-04-27_65458a97bac175a8c43ceb91584c6b83_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-27_65458a97bac175a8c43ceb91584c6b83_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-27_65458a97bac175a8c43ceb91584c6b83_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-