General

Target: 2024-05-31_186f56534a62d7548e498b6d1e6af4f9_cryptolocker
Size: 42KB
Sample: 240531-sxv5dacf2v
MD5: 186f56534a62d7548e498b6d1e6af4f9
SHA1: e2e6bb77c1624ab6eabe7e9aa07df9caa75ef5c8
SHA256: 9a64eba1c21100e404bebfd7b227f0dad7e5fedb28500be0f35f12f5c33171a8
SHA512: d64c5984df7315db5aa5a24c23d658cf62ad696d2252368cc7b1745a848b6596c32f819a338005ae889d9cbb9f41ee56d9b608c7702ac8e21e8c70789a13d66b
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhQ:i5nkFGMOtEvwDpjR+viHshNC

Static task: static1

Behavioral task: behavioral1
Sample: 2024-05-31_186f56534a62d7548e498b6d1e6af4f9_cryptolocker.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 2024-05-31_186f56534a62d7548e498b6d1e6af4f9_cryptolocker.exe
Resource: win10v2004-20240508-en

Malware Config
Targets
Target: 2024-05-31_186f56534a62d7548e498b6d1e6af4f9_cryptolocker
Score: 9/10

Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL