General
-
Target
2024-05-26_7ef4ea8f49e098687949e5f63e423258_cryptolocker
-
Size
43KB
-
Sample
240526-eaxsssdf71
-
MD5
7ef4ea8f49e098687949e5f63e423258
-
SHA1
03953032624b578601b12cdadbb48e73741be13b
-
SHA256
ad901f1af3bb81879d9b2eed55b43f8d93d7abaf8b68453292d18fb5db76e37a
-
SHA512
93108c03bf7b4e2cf7cb0026464d1ae78281c46af71e0b21b583641f6e049ef2c8b4c74ec558a3eeec3110d66d47c67a32559661b686144a3f5a6c1d00258244
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CtXabM0x:6j+1NMOtEvwDpjrR2XabM2
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-26_7ef4ea8f49e098687949e5f63e423258_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-26_7ef4ea8f49e098687949e5f63e423258_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-26_7ef4ea8f49e098687949e5f63e423258_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-