General
Target: 2024-05-24_16c940c9447e45cc0238379e8b63d047_cryptolocker
Size: 38KB
Sample: 240524-ez4bwada94
MD5: 16c940c9447e45cc0238379e8b63d047
SHA1: d57ab0b0b51a5848dfe21c6522ca4b2644d03b9b
SHA256: a85e0bd67cca856fc52a0ed70f2dd07581754a49d00bd793017f561cc9872656
SHA512: a0097b39a62d4dc7500e4b56d3df8d71ae878d1697ec9c065addd06a8351c7f580d7bc09e22348d043e05406e2d824eadad140a340ead60f174c524b420c28c9
SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan/E:qDdFJy3QMOtEvwDpjjWMl7Tdn/E
Behavioral task: behavioral1
Sample: 2024-05-24_16c940c9447e45cc0238379e8b63d047_cryptolocker.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-05-24_16c940c9447e45cc0238379e8b63d047_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-24_16c940c9447e45cc0238379e8b63d047_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL