General
Target: 2024-05-26_c29e08e0cd3c7bc71e81a8831141ad70_cryptolocker
Size: 35KB
Sample: 240526-ef69esea3v
MD5: c29e08e0cd3c7bc71e81a8831141ad70
SHA1: d6ca45d3802c861be7b857e39dd391f2e32277ad
SHA256: 3c628eb0a70bf741553e4de711bf13f9ae1599fe22682bd3d59b1405806be9f6
SHA512: 1d0f81d6f0d26003e940a94eda5a5fcc66da96ae3e938dc189e547cd2376b33ad8d985c819ed75f3f7f5e14492b8a10344bc228cff6f7f3ee98afc8e9f1e9ebb
SSDEEP: 384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM9gxrOIwV:bAvJCYOOvbRPDEgXRcuM9gxiV
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-26_c29e08e0cd3c7bc71e81a8831141ad70_cryptolocker.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 2024-05-26_c29e08e0cd3c7bc71e81a8831141ad70_cryptolocker.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-26_c29e08e0cd3c7bc71e81a8831141ad70_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL