General
-
Target
2024-05-21_260931d306915f4970bf1e9a3f0fff0d_cryptolocker
-
Size
43KB
-
Sample
240521-rrckeahb4y
-
MD5
260931d306915f4970bf1e9a3f0fff0d
-
SHA1
f12cfc08c9b037320bb6a10923213a8a54071d13
-
SHA256
22100a6a2b8fb7d43dc6a496c56c9c295a6ddb9f24b8cd809398ba919af7b58a
-
SHA512
a6452148b98b57e75c24aa24d30acdce7217214d82aa54602f091e0b19ed2f7e41506e8b74674618080a955612de428e906fb11aece570152ee3c81103d8850d
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aDU:6j+1NMOtEvwDpjrRf
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-21_260931d306915f4970bf1e9a3f0fff0d_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-21_260931d306915f4970bf1e9a3f0fff0d_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-21_260931d306915f4970bf1e9a3f0fff0d_cryptolocker
-
Size
43KB
-
MD5
260931d306915f4970bf1e9a3f0fff0d
-
SHA1
f12cfc08c9b037320bb6a10923213a8a54071d13
-
SHA256
22100a6a2b8fb7d43dc6a496c56c9c295a6ddb9f24b8cd809398ba919af7b58a
-
SHA512
a6452148b98b57e75c24aa24d30acdce7217214d82aa54602f091e0b19ed2f7e41506e8b74674618080a955612de428e906fb11aece570152ee3c81103d8850d
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aDU:6j+1NMOtEvwDpjrRf
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-