General
-
Target
2024-05-25_8b6cb060b06788034e71e0ba51d74b0d_cryptolocker
-
Size
52KB
-
Sample
240525-ganagaga84
-
MD5
8b6cb060b06788034e71e0ba51d74b0d
-
SHA1
64fa09c25d589b5d90ae848afa9a5518d454deca
-
SHA256
777000f1c6f85cd2ba1f90e06fd7ccb4f70f016108aac32408fad0abce26fb5e
-
SHA512
04f03f5d5dacd3a4be29bf1f5b940d217419690a8c747f131ffec7ec71a22ff122bcd1c1fe7f0f484e2e23315a7446b50ab6aac33b5ef226c15778511cd9fc06
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOp:bODOw9acifAoc+vu
Behavioral task
behavioral1
Sample
2024-05-25_8b6cb060b06788034e71e0ba51d74b0d_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-25_8b6cb060b06788034e71e0ba51d74b0d_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2024-05-25_8b6cb060b06788034e71e0ba51d74b0d_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-