General
-
Target
2024-05-31_005b57667220d756f935a34f449aa174_cryptolocker
-
Size
91KB
-
Sample
240531-stk51adb46
-
MD5
005b57667220d756f935a34f449aa174
-
SHA1
5ecf210b009da0af0db8bcbebc202e08bff8f0d7
-
SHA256
a0671da0181bfba6c1548ad4005ff6fbef23595f47b1d9e26ca8b65adbe70b9b
-
SHA512
423b2ddb3e768187319c63ef9560bb111ad780e781fe90c43c77e5a20622975c329acec686264b82f4db744a2e6235f05c2b43ce280078b8cf028b7ad8d9ac72
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddH:AnBdOOtEvwDpj6zz
Behavioral task
behavioral1
Sample
2024-05-31_005b57667220d756f935a34f449aa174_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-31_005b57667220d756f935a34f449aa174_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-31_005b57667220d756f935a34f449aa174_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-