General
-
Target
2024-05-31_ddf359278063badca90aee18786d74ff_cryptolocker
-
Size
40KB
-
Sample
240531-tgqqdsdd5t
-
MD5
ddf359278063badca90aee18786d74ff
-
SHA1
4407b2f71cab68632234470e8db4dcca59741322
-
SHA256
a82fca5e2fd3c07cb3c3ea2db587b0d02143211c7b1e6fcc8979f1616d62c712
-
SHA512
dd6840aed680f0c24de55c49d647a1a0e39fa81274fb8875ae4878c368327a05a0854e4039bf0de8beb204e5ad0dc44037c352c14dc35cd095146971db53d97d
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYA:qDdFJy3QMOtEvwDpjjWMl7T9
Behavioral task
behavioral1
Sample
2024-05-31_ddf359278063badca90aee18786d74ff_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-31_ddf359278063badca90aee18786d74ff_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-