General
-
Target
2024-05-23_aef05547629d8939ab63e36bb5448b95_cryptolocker
-
Size
32KB
-
Sample
240523-wxswssbe9s
-
MD5
aef05547629d8939ab63e36bb5448b95
-
SHA1
80a098926127c3e2f38e015e572dc18127bbe395
-
SHA256
71a6af38b2abe51bc25645d8bb64bb7ffda6190b5f8f372a6d4f3020ab47e6d7
-
SHA512
697da97facb35b70199e3755195d2be9f6c59681581219662d9d635b9c134b64f06e6c83bdb228e14fac7bc431548c00ed82efb9e19e6e8b37a15ca89043a660
-
SSDEEP
384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGOKei:bG74zYcgT/Ekd0ryfjUei
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_aef05547629d8939ab63e36bb5448b95_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-23_aef05547629d8939ab63e36bb5448b95_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-23_aef05547629d8939ab63e36bb5448b95_cryptolocker
-
Size
32KB
-
MD5
aef05547629d8939ab63e36bb5448b95
-
SHA1
80a098926127c3e2f38e015e572dc18127bbe395
-
SHA256
71a6af38b2abe51bc25645d8bb64bb7ffda6190b5f8f372a6d4f3020ab47e6d7
-
SHA512
697da97facb35b70199e3755195d2be9f6c59681581219662d9d635b9c134b64f06e6c83bdb228e14fac7bc431548c00ed82efb9e19e6e8b37a15ca89043a660
-
SSDEEP
384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGOKei:bG74zYcgT/Ekd0ryfjUei
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-