General
-
Target
2024-04-27_8a0a0ce92797e3559d112769d1b3375e_cryptolocker
-
Size
87KB
-
Sample
240427-2h4yeaab27
-
MD5
8a0a0ce92797e3559d112769d1b3375e
-
SHA1
cf02b22ef91a699d225de274941bc0d0000ae8a0
-
SHA256
4c72fefce81c758c0293daf045fae31837a9a932b5a2a343c655bc3c755db5ea
-
SHA512
12cb656044be4a5ca7e84ba7391a29952fb1de91eb618cef6c0e7a87c6ff891c2661037955be2a7460e7ab5cf3aad23555c6dcdec9619319daef3465e8ff82dc
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMg5D:AnBdOOtEvwDpj6zp
Behavioral task
behavioral1
Sample
2024-04-27_8a0a0ce92797e3559d112769d1b3375e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-27_8a0a0ce92797e3559d112769d1b3375e_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-27_8a0a0ce92797e3559d112769d1b3375e_cryptolocker
-
Size
87KB
-
MD5
8a0a0ce92797e3559d112769d1b3375e
-
SHA1
cf02b22ef91a699d225de274941bc0d0000ae8a0
-
SHA256
4c72fefce81c758c0293daf045fae31837a9a932b5a2a343c655bc3c755db5ea
-
SHA512
12cb656044be4a5ca7e84ba7391a29952fb1de91eb618cef6c0e7a87c6ff891c2661037955be2a7460e7ab5cf3aad23555c6dcdec9619319daef3465e8ff82dc
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMg5D:AnBdOOtEvwDpj6zp
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-