General
-
Target
2024-05-21_4f26203729e8b75dcb7fa88269997e52_cryptolocker
-
Size
60KB
-
Sample
240521-t5adbaca5w
-
MD5
4f26203729e8b75dcb7fa88269997e52
-
SHA1
9802af3e4ab140739481f241ca6a881cccc27d2e
-
SHA256
ce68b6e12521e3fdb126cba388e98b3ebeda44b4751339e57fb2a9a532af21aa
-
SHA512
3084699a47f05f37d3b0d77da48aa181c0ee7aee70f163d54d19c78749f5b472873d003f4cad5b58e6c2fb804eeafb77d358e75924aa78b9dafa0b2c856e72ce
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj9aYaUf3I:z6a+CdOOtEvwDpjQz
Behavioral task
behavioral1
Sample
2024-05-21_4f26203729e8b75dcb7fa88269997e52_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-21_4f26203729e8b75dcb7fa88269997e52_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-21_4f26203729e8b75dcb7fa88269997e52_cryptolocker
-
Size
60KB
-
MD5
4f26203729e8b75dcb7fa88269997e52
-
SHA1
9802af3e4ab140739481f241ca6a881cccc27d2e
-
SHA256
ce68b6e12521e3fdb126cba388e98b3ebeda44b4751339e57fb2a9a532af21aa
-
SHA512
3084699a47f05f37d3b0d77da48aa181c0ee7aee70f163d54d19c78749f5b472873d003f4cad5b58e6c2fb804eeafb77d358e75924aa78b9dafa0b2c856e72ce
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj9aYaUf3I:z6a+CdOOtEvwDpjQz
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-