General
-
Target
2024-05-22_3cee615ffbeacb917401ab7e0d61bdf9_cryptolocker
-
Size
40KB
-
Sample
240522-3p6w1sde6z
-
MD5
3cee615ffbeacb917401ab7e0d61bdf9
-
SHA1
796fce07237370bca3e85fa244fcbc5e23bf9f6f
-
SHA256
424b6e1409065821215064a25c331e476086c3fd28107a5be2984eee1e320b2d
-
SHA512
4fa7c6c23dc03845643fc0c18ad8a6d0796fa13547d0759d9c08a353c1a32a8f9e3e542ef603d1f927d57e7c96f11ab2831f3d9dc43e004cfc2c3ca88d9c6a99
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaB0go:qDdFJy3QMOtEvwDpjjWMl7TdCgo
Behavioral task
behavioral1
Sample
2024-05-22_3cee615ffbeacb917401ab7e0d61bdf9_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-22_3cee615ffbeacb917401ab7e0d61bdf9_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-22_3cee615ffbeacb917401ab7e0d61bdf9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-