General
-
Target
2024-05-22_a5bc26a0676d8f02b74f7a98fa871b98_cryptolocker
-
Size
69KB
-
Sample
240522-cnrgtsha83
-
MD5
a5bc26a0676d8f02b74f7a98fa871b98
-
SHA1
78cb6ac98c3dbb88eb5788606c6de41fc5935c7b
-
SHA256
7e137eb41d5ba35c888a3c840b82d3ce74652347a55da3eb2f79b8dd2575aa5d
-
SHA512
a35037f1efeecfcbe80241d656c30659b32693a9a16248fbc215e38f61c6fe4b63de60a6ca766664356ef03c098ab53da53cd815fcc7260995ebcef5d5ab3211
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/dG:i5nkFGMOtEvwDpjNbwQEI8UZDw
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-22_a5bc26a0676d8f02b74f7a98fa871b98_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-22_a5bc26a0676d8f02b74f7a98fa871b98_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-22_a5bc26a0676d8f02b74f7a98fa871b98_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-