General
-
Target
2024-05-23_85c18dc9159d669bb3c1443a83efd37b_cryptolocker
-
Size
68KB
-
Sample
240523-bveaeagg53
-
MD5
85c18dc9159d669bb3c1443a83efd37b
-
SHA1
e13495a7c5292df54a5d2dbd781ac7cfa1d58ff8
-
SHA256
c17c7ba43557b380efafa61a4689db09da342187497e20b1c9540597c0aedc76
-
SHA512
44cd658832af657b89c5d511d5bf57f7074ab9663a276cd4bbcc81a7156185e6fd94484792f66d24d17a931e205052e1ce39fae1190af346ef9690bdcc5ba074
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFIb:6j+1NMOtEvwDpjr8ox8UDEpN/jy
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_85c18dc9159d669bb3c1443a83efd37b_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-23_85c18dc9159d669bb3c1443a83efd37b_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-23_85c18dc9159d669bb3c1443a83efd37b_cryptolocker
-
Size
68KB
-
MD5
85c18dc9159d669bb3c1443a83efd37b
-
SHA1
e13495a7c5292df54a5d2dbd781ac7cfa1d58ff8
-
SHA256
c17c7ba43557b380efafa61a4689db09da342187497e20b1c9540597c0aedc76
-
SHA512
44cd658832af657b89c5d511d5bf57f7074ab9663a276cd4bbcc81a7156185e6fd94484792f66d24d17a931e205052e1ce39fae1190af346ef9690bdcc5ba074
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xFIb:6j+1NMOtEvwDpjr8ox8UDEpN/jy
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-