General
-
Target
2024-05-22_e6b953dab53384bc793c8317d9c8e632_cryptolocker
-
Size
59KB
-
Sample
240522-dc3ldsaa62
-
MD5
e6b953dab53384bc793c8317d9c8e632
-
SHA1
d2da865db208efd23abdc944244fd08d1fc6f5fb
-
SHA256
0aa466f46a72ccdb4b2efd40bd80953dab932b6b6dd8c8c0e9ee1c43d3b51996
-
SHA512
b36d2fa39a126f2109f82cbd0e64fe107b41c857aecf3958b2fd37e775f537e29893de120362f3250db504361de2b365c94e0b5251cb878ea5a66deb43868870
-
SSDEEP
768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6pF:H6QFElP6n+gou9cvMOtEvwDpjCpVXr
Behavioral task
behavioral1
Sample
2024-05-22_e6b953dab53384bc793c8317d9c8e632_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-22_e6b953dab53384bc793c8317d9c8e632_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-22_e6b953dab53384bc793c8317d9c8e632_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-