General
-
Target
2024-05-26_1d9bfaa782240e165bcb0a580f3b5a69_cryptolocker
-
Size
39KB
-
Sample
240526-ebgg7sdf9x
-
MD5
1d9bfaa782240e165bcb0a580f3b5a69
-
SHA1
3b5b220e2c7d284c398368c72000dfb018b09713
-
SHA256
d465fcca81086d47039ff1769138581d0c7141cc073c943bfa635ac2ebac9724
-
SHA512
643d74bcaa6088b689b36c7d878be310ce22e08d702cb72de9e6a873d25ec601642fceea84405a9ee7b24ce6726f8941d28bb4aa5573f76b49f481a15c144b74
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY3:qDdFJy3QMOtEvwDpjjWMl7TO
Behavioral task
behavioral1
Sample
2024-05-26_1d9bfaa782240e165bcb0a580f3b5a69_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-26_1d9bfaa782240e165bcb0a580f3b5a69_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-26_1d9bfaa782240e165bcb0a580f3b5a69_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-