General
-
Target
2024-05-25_6a03c66b01a30f7de5876164e037a7c5_cryptolocker
-
Size
91KB
-
Sample
240525-a2fw5sge4v
-
MD5
6a03c66b01a30f7de5876164e037a7c5
-
SHA1
4f72b0855d58a424343c06a867e819104e0e5791
-
SHA256
a39a06ed1a36ac2c2f9fcec786a4b540aac4440a1cd5e30ecb2474a0a83744c6
-
SHA512
53e96db6bd0c9f4275be1fe7c957c9ff27335446e2dec2b74acf4c1742b5df1b32d243a37ba7fae014c9ddea8caa594e6927ee8dfc4634dc2ec69346dddbaf27
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/D2:n6a+1SEOtEvwDpjYYvQd2Px
Behavioral task
behavioral1
Sample
2024-05-25_6a03c66b01a30f7de5876164e037a7c5_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-25_6a03c66b01a30f7de5876164e037a7c5_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
2024-05-25_6a03c66b01a30f7de5876164e037a7c5_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-