General
-
Target
2024-05-26_8376eccb9bac9057a8f54db71ccd9d34_cryptolocker
-
Size
40KB
-
Sample
240526-ea6eyaed88
-
MD5
8376eccb9bac9057a8f54db71ccd9d34
-
SHA1
8d8e69285ce237b9e88b015f475fb9e9169a818d
-
SHA256
e0d6b2dc1d64ce71930e51c5a801ff47f5e2c858044731a3f3051d7c51b83038
-
SHA512
08f5b2b6f52b6962d1d6f406d4e13ef46bfeb9e47cc8330fadbc2085a961cb93952318e4626613cb313896a77f6fbcac22391e0216cd4a9d7dbc0a660295223e
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBA6:qDdFJy3QMOtEvwDpjjWMl7Td1
Behavioral task
behavioral1
Sample
2024-05-26_8376eccb9bac9057a8f54db71ccd9d34_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-26_8376eccb9bac9057a8f54db71ccd9d34_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-26_8376eccb9bac9057a8f54db71ccd9d34_cryptolocker
-
Size
40KB
-
MD5
8376eccb9bac9057a8f54db71ccd9d34
-
SHA1
8d8e69285ce237b9e88b015f475fb9e9169a818d
-
SHA256
e0d6b2dc1d64ce71930e51c5a801ff47f5e2c858044731a3f3051d7c51b83038
-
SHA512
08f5b2b6f52b6962d1d6f406d4e13ef46bfeb9e47cc8330fadbc2085a961cb93952318e4626613cb313896a77f6fbcac22391e0216cd4a9d7dbc0a660295223e
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBA6:qDdFJy3QMOtEvwDpjjWMl7Td1
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-