General
-
Target
2024-05-27_3eed62ab5b309e077a6fd6161a27caa3_cryptolocker
-
Size
40KB
-
Sample
240527-w3prbsec73
-
MD5
3eed62ab5b309e077a6fd6161a27caa3
-
SHA1
eee9c5b1e472200a62f9936e9ee11bae14e1391c
-
SHA256
f7921d5b497c54ade3c82381df4d163e5a20cfaf9ff60d938edd92815d361031
-
SHA512
d177aa598c2a93633c01d746df86f72b48638b1935c4ef8a290bd56a531a7cbe26a985d9a2f0e14fe6dd927329a738eb1d47d5b3e1124d30f72126d5fc790f8a
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan/MCx:qDdFJy3QMOtEvwDpjjWMl7Tdn/B
Behavioral task
behavioral1
Sample
2024-05-27_3eed62ab5b309e077a6fd6161a27caa3_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-27_3eed62ab5b309e077a6fd6161a27caa3_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-27_3eed62ab5b309e077a6fd6161a27caa3_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-