General
-
Target
2024-05-22_637d5e856531ac100a5502ec7ef542c5_cryptolocker
-
Size
41KB
-
Sample
240522-c4j3pahf62
-
MD5
637d5e856531ac100a5502ec7ef542c5
-
SHA1
5da3b971f11514b05ac22d27bc468f1af4c37c0c
-
SHA256
d2496763756cb52ce93c9b7aff35092912d8534da0b911ac33fcc8f50f7213e6
-
SHA512
b272039db6f91c3227ce8368fe09202f4dc21360894af40dea0c1cb184c6f3088c347305f86b1dd496ba989a8a13e810518f1cf57ed1091707ec6915cc9f9173
-
SSDEEP
768:bCDOw9UiaKHfjnD0S16avdrQFiLjJvtAdM:bCDOw9aMDooc+vAq
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-22_637d5e856531ac100a5502ec7ef542c5_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-22_637d5e856531ac100a5502ec7ef542c5_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-05-22_637d5e856531ac100a5502ec7ef542c5_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-