Extracted

Extracted

Extracted

Extracted

• • Target

    a-7/crypto-locker-1.4.4.1-a7-Runtime/bin/decrypt-a7.exe

  • Size

    949KB

  • MD5

    06921f50200d5f4c14ed2b5c778774ae

  • SHA1

    96afb847777743595f7a7c412da6c3425e95cfd4

  • SHA256

    d007e599337296b1c90d51396952fd07151acf479f2504768fa5f04d07fec760

  • SHA512

    a944745c44bc38aef847cd74647edcd5127d8792dfd7f87133bc593ba747fdddb431223000234ccaa60598387b7465da0dea770fb84dadce6bd870a4ccd7eaeb

  • SSDEEP

    24576:WpiXhwGNyLRuBHs8AmDDXw9QXwnXiee0EBZAoHt+:+iXy+Hs8AmSinBZAoHt+

  Score

  1^/10
  behavioral1behavioral2

• • Target

    a-7/crypto-locker-1.4.4.1-a7-Runtime/bin/encrypt-a7.exe

  • Size

    1.2MB

  • MD5

    66b9f03ccf1b0c4b2dad55d3f60b040c

  • SHA1

    d330988c7baf1ca42ac40a9990a5626894c628c4

  • SHA256

    2ce4984a74a36dcdc380c435c9495241db4ca7e107fc2ba50d2fe775fb6b73ce

  • SHA512

    c61a75ad69165d3ee6140553b945b2739e2380678fc2fbb0b6df4dd71fef3a3cb1d5f8edf306da119c7be36d9f19a1c6aee208b03472d0f5791ae4c591b0c47b

  • SSDEEP

    24576:LuUKt2yozDn6ptlc71LGIsubFK7cjvzYwZDwisVTtgpTph2K/:CUKthozDn6XlAFfjvzBSPT6pTphT/

  Score

  10^/10

  lockergogabankerransomwarespywarestealertrojan

  • LockerGoga

    LockerGoga is a ransomware that is primarily used in targeted, disruptive attacks.

    trojanbankerlockergoga

  • Renames multiple (3285) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral3behavioral4

• • Target

    a-8/crypto-locker-1.4.4.1-a8-Runtime/bin/decrypt-a8.exe

  • Size

    949KB

  • MD5

    18af697495b3cc93bb9847dc24568795

  • SHA1

    814d196c47318e19faebe7452c5d35a6ea62e1af

  • SHA256

    b5430088a5c947327f5974863d56d86a26a223081a0ba4805131bb036a0e7872

  • SHA512

    6f87a67ec71018979d9b3f890873935109ed657c1f75bdbd3300398327c45380ea576acd2e2e18afe7fb4fde27657d8b2522afb01c8415e3e1d4d6dc2063268d

  • SSDEEP

    24576:ypiXhwGNyLRuBHs8AmDDXw9QXwnXiee03BdAoHt+:CiXy+Hs8AmSiMBdAoHt+

  Score

  1^/10
  behavioral5behavioral6

• • Target

    a-8/crypto-locker-1.4.4.1-a8-Runtime/bin/encrypt-a8.exe

  • Size

    1.2MB

  • MD5

    d31b5a2c8a26296a207a1528ee6d9258

  • SHA1

    9a2a152dee5276ad5dd8340fa8a59025754f7b6d

  • SHA256

    d866e83d3f09768f47133eb94050dafff597631a9b1894e6cfe7174d23a4528f

  • SHA512

    7b79dda826f4fafbcd19437da1a42b26442e44c6d51e52c36e5804f9705380ff3fe626a94788876076701d38443d521fe195218d1d5c0acdf95595cab666e642

  • SSDEEP

    24576:buUKt2yozDn6ptlc71LGIsubFK7cjvzYwZDwisVTtgATpbpK/:SUKthozDn6XlAFfjvzBSPT6ATpbc/

  Score

  10^/10

  lockergogabankerransomwarespywarestealertrojan

  • LockerGoga

    LockerGoga is a ransomware that is primarily used in targeted, disruptive attacks.

    trojanbankerlockergoga

  • Renames multiple (4594) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral7behavioral8

• • Target

    a-9/crypto-locker-1.4.4.1-a9-Runtime/bin/decrypt-a9.exe

  • Size

    949KB

  • MD5

    7b229af4af11067bae852f99a7de58f9

  • SHA1

    748b64147607c904093909085f24518cc35f5a28

  • SHA256

    0d1159c9bd4a9a8f81190c2269e8be28b0dd51a2198ef47a9c6daa4e7d9fcd2f

  • SHA512

    5d4770b840313c0512ca97572f46803ccc966906f3595c662608fbceedff62da2bd1fb8bff1542243bdd99639b2db37e21a5403c59622f061fb07662c64e853e

  • SSDEEP

    24576:TpiXhwGNyLRuBHs8AmDDXw9QXwnXiee0WBiAoHt+:9iXy+Hs8AmSiJBiAoHt+

  Score

  1^/10
  behavioral10behavioral9

• • Target

    a-9/crypto-locker-1.4.4.1-a9-Runtime/bin/encrypt-a9.exe

  • Size

    1.2MB

  • MD5

    f59c149db98488ac6b8d621a3d13aeb2

  • SHA1

    1da2bd0c0864a2eb4fc43ca93c383e28f5ba461a

  • SHA256

    6aa73f492b4dc52322ae8443a730c279c621a99dae4e8cb873c7a96dd4c6561f

  • SHA512

    df8e731262c175d5a32ae5cfb8604813adae361c283c39464c9566377067fb1990466797495039d3e3a9d70324f05b47da17a2b92663cf0152321ac8634b6134

  • SSDEEP

    24576:ieUKt2yozDn6ptlov1LGIsubFK7cjvzAwZDwisVTtk8TpQWK/:bUKthozDn6XlIFfjvz5SPTu8TpQz/

  Score

  10^/10

  lockergogabankerransomwarespywarestealertrojan

  • LockerGoga

    LockerGoga is a ransomware that is primarily used in targeted, disruptive attacks.

    trojanbankerlockergoga

  • Renames multiple (3196) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral11behavioral12