General
-
Target
2024-05-29_fd27d1c2255f519149005392ba674614_cryptolocker
-
Size
38KB
-
Sample
240529-fdshxsah3s
-
MD5
fd27d1c2255f519149005392ba674614
-
SHA1
30ed53bec1ccfef9caca36bf00e83a090dce2581
-
SHA256
0379fbd4eb8e3fc7aafaf5107f6763395632d1f5cce1137fe337391a7216e15d
-
SHA512
942bce9e156662d9bd8e14c72ab66ce1100090ab76e1efbcc73f233eca03dc42db1a4db9f8792883549d73ef56b0ba8d2c77c17bfbe14bd47f251dd7314b3b3a
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6A0X/EIjxuaPlbd:b/yC4GyNM01GuQMNXw2PSjH+PPxVb
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-29_fd27d1c2255f519149005392ba674614_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-29_fd27d1c2255f519149005392ba674614_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-29_fd27d1c2255f519149005392ba674614_cryptolocker
-
Size
38KB
-
MD5
fd27d1c2255f519149005392ba674614
-
SHA1
30ed53bec1ccfef9caca36bf00e83a090dce2581
-
SHA256
0379fbd4eb8e3fc7aafaf5107f6763395632d1f5cce1137fe337391a7216e15d
-
SHA512
942bce9e156662d9bd8e14c72ab66ce1100090ab76e1efbcc73f233eca03dc42db1a4db9f8792883549d73ef56b0ba8d2c77c17bfbe14bd47f251dd7314b3b3a
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6A0X/EIjxuaPlbd:b/yC4GyNM01GuQMNXw2PSjH+PPxVb
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-