General
-
Target
2024-05-14_e2607842fb88253c794f63dde6b81cb9_cryptolocker
-
Size
77KB
-
Sample
240514-ygxk6adb3s
-
MD5
e2607842fb88253c794f63dde6b81cb9
-
SHA1
a60816b1a6588443f0e9654887fbc9e72a4475b4
-
SHA256
1fd34d52c81bb4fa87b8ad6f24abdf458a415dde3020423ec66248f518a53a58
-
SHA512
e243137ee65ebfe8698272ca74a5207101a8cfe4b60e0d71ccf5dedc41c88f9869e0d557f7723855fc117982433cd4ee713f4b080b6b4ba78f77610ac0355047
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxY:T6a+rdOOtEvwDpjNtHPn
Behavioral task
behavioral1
Sample
2024-05-14_e2607842fb88253c794f63dde6b81cb9_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-14_e2607842fb88253c794f63dde6b81cb9_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-14_e2607842fb88253c794f63dde6b81cb9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-