General
-
Target
2024-05-24_04ddfc65bceaacb93b77fda9cd150517_cryptolocker
-
Size
41KB
-
Sample
240524-ezb8dsda7x
-
MD5
04ddfc65bceaacb93b77fda9cd150517
-
SHA1
b3864b7de41b2d6d81ba4b34480a398c9e82f111
-
SHA256
9c078ebbed5101df2b70d5b06e98a5749608bb433eb95f1d98dabbe745414691
-
SHA512
8a7552224fde0dc8a97d6332dce26c5a9d6e2b16b91bf17ea37c63913f79e99b976176d26b9d7d146b479a94381603267f035c381295cc8ea88d8c38435c3b18
-
SSDEEP
384:ba74uGLLQRcsdeQ72ngEr4K7YmE8j6CQYnrz1ZhdaXFXSCVQTLfjDpXqxKH1x:ba74zYcgT/EkdCQgpwXFXSqQXfj0xKVx
Behavioral task
behavioral1
Sample
2024-05-24_04ddfc65bceaacb93b77fda9cd150517_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-24_04ddfc65bceaacb93b77fda9cd150517_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2024-05-24_04ddfc65bceaacb93b77fda9cd150517_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-