General
-
Target
2024-05-24_c1cf1922d8b50a4509a5febbcb470a83_cryptolocker
-
Size
34KB
-
Sample
240524-emcndscd71
-
MD5
c1cf1922d8b50a4509a5febbcb470a83
-
SHA1
cd8ea35a12d4e3d8798c71aa77b1415bc3f29804
-
SHA256
8c064865a40c34ac9cc6c67293e704fec2b4892bb4ce96dd6496c70ee687bcd3
-
SHA512
f698b204622e13338dd8440ca886e3a8221f8be59e12744111db705c4794b82be0be5d80f222f857337d0c525dac3420f6a7a1bea066089a90d26480d29a899f
-
SSDEEP
768:bFPm5zusFUB2preAr+Ofjg0S16avdrQFiLjJvtX2:bFPmpiif/oc+vX2
Behavioral task
behavioral1
Sample
2024-05-24_c1cf1922d8b50a4509a5febbcb470a83_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-24_c1cf1922d8b50a4509a5febbcb470a83_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-24_c1cf1922d8b50a4509a5febbcb470a83_cryptolocker
-
Size
34KB
-
MD5
c1cf1922d8b50a4509a5febbcb470a83
-
SHA1
cd8ea35a12d4e3d8798c71aa77b1415bc3f29804
-
SHA256
8c064865a40c34ac9cc6c67293e704fec2b4892bb4ce96dd6496c70ee687bcd3
-
SHA512
f698b204622e13338dd8440ca886e3a8221f8be59e12744111db705c4794b82be0be5d80f222f857337d0c525dac3420f6a7a1bea066089a90d26480d29a899f
-
SSDEEP
768:bFPm5zusFUB2preAr+Ofjg0S16avdrQFiLjJvtX2:bFPmpiif/oc+vX2
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-