General
-
Target
2024-05-26_c5754c59cc33075589942d5497a5266f_cryptolocker
-
Size
69KB
-
Sample
240526-egbh5seg22
-
MD5
c5754c59cc33075589942d5497a5266f
-
SHA1
97fdaf09a6131e501de3fd0c13cbf9b49444e297
-
SHA256
185a653c5a06e9b3e8710615f391580f89769e0b120c65be951fea4524876705
-
SHA512
061289e78d23ef1b0abb5b930669836c56a58a70a84c5c685e2ca8e3223bf869de7139d0bfe04dcadda2f481620504cf69eb92f56a8f0e65e96232be8bd4516f
-
SSDEEP
1536:quJu9cvMOtEvwDpjWYTjipvF2bx1PQApI0x:78SEOtEvwDpjWYvQd2Ph
Behavioral task
behavioral1
Sample
2024-05-26_c5754c59cc33075589942d5497a5266f_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-26_c5754c59cc33075589942d5497a5266f_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-26_c5754c59cc33075589942d5497a5266f_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-