General
-
Target
2024-05-09_aa84dde47aa63bb1c52849db9fa07b04_cryptolocker
-
Size
40KB
-
Sample
240509-c42mqsgg68
-
MD5
aa84dde47aa63bb1c52849db9fa07b04
-
SHA1
f9aad85519d0ad26a273f998d76e21fc85aa14cd
-
SHA256
3e4649fa7fc8e2ced57c66418973bb94aecf1140ddb969373e87b1226e1c7642
-
SHA512
e783f0f59ddb932d4270b46c13dc7c5b4850e22da1fc325abfaca1fd99eab58490779b0a5890f9cb64260b61edfc1ff96143173f7690d9bbc02181d63677a408
-
SSDEEP
768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6DyE9xgy+:bIDOw9a0Dwo3P1ojvUSD79yy+
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-09_aa84dde47aa63bb1c52849db9fa07b04_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-09_aa84dde47aa63bb1c52849db9fa07b04_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-09_aa84dde47aa63bb1c52849db9fa07b04_cryptolocker
-
Size
40KB
-
MD5
aa84dde47aa63bb1c52849db9fa07b04
-
SHA1
f9aad85519d0ad26a273f998d76e21fc85aa14cd
-
SHA256
3e4649fa7fc8e2ced57c66418973bb94aecf1140ddb969373e87b1226e1c7642
-
SHA512
e783f0f59ddb932d4270b46c13dc7c5b4850e22da1fc325abfaca1fd99eab58490779b0a5890f9cb64260b61edfc1ff96143173f7690d9bbc02181d63677a408
-
SSDEEP
768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6DyE9xgy+:bIDOw9a0Dwo3P1ojvUSD79yy+
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-