General
-
Target
2024-05-23_482876aebf1002217508dabb4b6c7962_cryptolocker
-
Size
52KB
-
Sample
240523-wn94qabc76
-
MD5
482876aebf1002217508dabb4b6c7962
-
SHA1
25ffea41cac4f203637f350cc3cd64abae83f7cf
-
SHA256
9fcb44dcd47c56b3fbf6024f9a85cf47e7228f5a8d175948d796df06ee00d7f5
-
SHA512
3ee5dc792dc0b9ecbefea05a42a0e2ed34cb28683c65553c71d0194d6f77da0c2438d7f18f2ad09be5fefe09e0d2f27ed7abb304e5971262a43b6ff8bb7555a7
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOB:bODOw9acifAoc+vW
Behavioral task
behavioral1
Sample
2024-05-23_482876aebf1002217508dabb4b6c7962_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-23_482876aebf1002217508dabb4b6c7962_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-23_482876aebf1002217508dabb4b6c7962_cryptolocker
-
Size
52KB
-
MD5
482876aebf1002217508dabb4b6c7962
-
SHA1
25ffea41cac4f203637f350cc3cd64abae83f7cf
-
SHA256
9fcb44dcd47c56b3fbf6024f9a85cf47e7228f5a8d175948d796df06ee00d7f5
-
SHA512
3ee5dc792dc0b9ecbefea05a42a0e2ed34cb28683c65553c71d0194d6f77da0c2438d7f18f2ad09be5fefe09e0d2f27ed7abb304e5971262a43b6ff8bb7555a7
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOB:bODOw9acifAoc+vW
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-