General
-
Target
2024-05-20_ef5c2253a927fd29b7850d5c7be75538_cryptolocker
-
Size
39KB
-
Sample
240520-2kscdsaa35
-
MD5
ef5c2253a927fd29b7850d5c7be75538
-
SHA1
a18ba1397394c8184a8fb54b7b05d0ecbed528c8
-
SHA256
f5971f458df5ab5a358885d52c299036e5e5f0b5e8f15d8c4990cd65bacc8cc1
-
SHA512
7f20d5b44b5c734d7d29c8d72bc022c3124b57e43a247cb24ffce6000de4116ca1f5b1906e35e0da9e85e80f4cad82db7fd324bd578168dcf1a6dbc46d337e62
-
SSDEEP
768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axK3A4s:qUmnpomddpMOtEvwDpjjaYaQPs
Behavioral task
behavioral1
Sample
2024-05-20_ef5c2253a927fd29b7850d5c7be75538_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-20_ef5c2253a927fd29b7850d5c7be75538_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-20_ef5c2253a927fd29b7850d5c7be75538_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-