General
-
Target
2024-05-27_32616c570c3169fc3113456718973c44_cryptolocker
-
Size
71KB
-
Sample
240527-w213zaec48
-
MD5
32616c570c3169fc3113456718973c44
-
SHA1
3cc27e015f2c311fa151418361ea5f111783fee4
-
SHA256
58fc3db100642b8e2ee9a72294326f86eaa3fc79f92221a19f10ba5ef443b259
-
SHA512
7390dc6c9583d8ce4b92748e5e08b764dc3a1bdad4652d7b5f1fec85ac84ef9a87bfb5c838ff412ab4e676a6d1ecc6206373de04760763638c81681a4d056358
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs95Ot:C4Q2c94OtEvwDpj4H8z/
Behavioral task
behavioral1
Sample
2024-05-27_32616c570c3169fc3113456718973c44_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-27_32616c570c3169fc3113456718973c44_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-27_32616c570c3169fc3113456718973c44_cryptolocker
-
Size
71KB
-
MD5
32616c570c3169fc3113456718973c44
-
SHA1
3cc27e015f2c311fa151418361ea5f111783fee4
-
SHA256
58fc3db100642b8e2ee9a72294326f86eaa3fc79f92221a19f10ba5ef443b259
-
SHA512
7390dc6c9583d8ce4b92748e5e08b764dc3a1bdad4652d7b5f1fec85ac84ef9a87bfb5c838ff412ab4e676a6d1ecc6206373de04760763638c81681a4d056358
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs95Ot:C4Q2c94OtEvwDpj4H8z/
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-