General
-
Target
2024-05-23_d708c42c2ef0b943ff23050fe2631c3e_cryptolocker
-
Size
89KB
-
Sample
240523-wyxldabf62
-
MD5
d708c42c2ef0b943ff23050fe2631c3e
-
SHA1
f30286ada57814de0740d932902a818cb5ec7468
-
SHA256
9b77f1087c9a0fcf97a53bc9c8d623e91ea391db201164524d6c08dbfb1f0d3e
-
SHA512
96929285fc2190b3ce6d139bb1c4735825972bbf0c31af44d2afd259d830753e395a1b55b6dde8092af871f63f8d5ea48792ab79fab12868ed77a62ac8a85995
-
SSDEEP
768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIODh:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgP
Behavioral task
behavioral1
Sample
2024-05-23_d708c42c2ef0b943ff23050fe2631c3e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-23_d708c42c2ef0b943ff23050fe2631c3e_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
2024-05-23_d708c42c2ef0b943ff23050fe2631c3e_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-