General
-
Target
2024-05-31_d5f510174c7419e437b1867e67495471_cryptolocker
-
Size
53KB
-
Sample
240531-taqrtadb3t
-
MD5
d5f510174c7419e437b1867e67495471
-
SHA1
307d69c3c2c07407515a3bbdebab28c8804f1eb4
-
SHA256
90eb96c1d8c850e0b4623f6c0f6896db93df4160069d230c0013653f425020ce
-
SHA512
69e4392d6aa6eadef78b1b8e49407ecb8c3bc7914b0dad6b97af6562e85b496e3f90e6164a9d690368191ef2bc32fc7937452182dea5206ff9cdff7eacc7f295
-
SSDEEP
768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YY1J+OTOs:z6QFElP6n+gKmddpMOtEvwDpj31is
Behavioral task
behavioral1
Sample
2024-05-31_d5f510174c7419e437b1867e67495471_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-05-31_d5f510174c7419e437b1867e67495471_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-31_d5f510174c7419e437b1867e67495471_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-