General
-
Target
2024-05-22_80b296216c7641557716de6fb30c872b_cryptolocker
-
Size
40KB
-
Sample
240522-c5nr9shf94
-
MD5
80b296216c7641557716de6fb30c872b
-
SHA1
fe33aeca85a9c304b87f7ce32cb21afc01644575
-
SHA256
a60bdf08d0a5b68eabbc1d068dab89fa8c0ae9d9d4602407de4e28c8e7c01319
-
SHA512
8611c1c6e4ec6aa203fb83dd331b795235c31e2f995028e48ec59e7dbdec0a778007ebb3ed1e1091daa39217d4c65f9925b4abc8eb126314186579d3e3bb0d21
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBAt:qDdFJy3QMOtEvwDpjjWMl7TdS
Behavioral task
behavioral1
Sample
2024-05-22_80b296216c7641557716de6fb30c872b_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-22_80b296216c7641557716de6fb30c872b_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-22_80b296216c7641557716de6fb30c872b_cryptolocker
-
Size
40KB
-
MD5
80b296216c7641557716de6fb30c872b
-
SHA1
fe33aeca85a9c304b87f7ce32cb21afc01644575
-
SHA256
a60bdf08d0a5b68eabbc1d068dab89fa8c0ae9d9d4602407de4e28c8e7c01319
-
SHA512
8611c1c6e4ec6aa203fb83dd331b795235c31e2f995028e48ec59e7dbdec0a778007ebb3ed1e1091daa39217d4c65f9925b4abc8eb126314186579d3e3bb0d21
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBAt:qDdFJy3QMOtEvwDpjjWMl7TdS
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-