General
-
Target
2024-05-22_d1c10c14d41be94da84953576be54b59_cryptolocker
-
Size
40KB
-
Sample
240522-cxl9gahd69
-
MD5
d1c10c14d41be94da84953576be54b59
-
SHA1
29cf4ca0bb840b33ef6f04b82734ebc9c35f63d6
-
SHA256
84d27097f968478f99ce85e5589d2c99a0155c841a3f3e411f90ebc85e3aacd6
-
SHA512
8f811b2421a6010dc2dc829727a1fdd341b7fff10b145897fe76e501699e0382e170aa891361f6a65e6e9a0471df6672018b38dc6670d1b1c05c2b08a9963535
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYY:qDdFJy3QMOtEvwDpjjWMl7TF
Behavioral task
behavioral1
Sample
2024-05-22_d1c10c14d41be94da84953576be54b59_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-22_d1c10c14d41be94da84953576be54b59_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-05-22_d1c10c14d41be94da84953576be54b59_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-