General
-
Target
2024-06-01_3259ffee064b0d7430ab9ac541c24799_cryptolocker
-
Size
72KB
-
Sample
240601-x7lqxace7s
-
MD5
3259ffee064b0d7430ab9ac541c24799
-
SHA1
8126bd2ae1e53735b9ed9ba8b1012769577dad5b
-
SHA256
1a25845bded431e4a7fe0af9d6d69e6c062ec434237de39bcc78720d674f99a1
-
SHA512
7e7be6ec683711548edbe061f14d1c23889542e472daec03425ec60825908738e93d8ce9f694822d58d5aaebe10914f6834a524b46e281f0f5b56d27c517d882
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9z:C4Q2c94OtEvwDpj4H8z2
Behavioral task
behavioral1
Sample
2024-06-01_3259ffee064b0d7430ab9ac541c24799_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-06-01_3259ffee064b0d7430ab9ac541c24799_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-01_3259ffee064b0d7430ab9ac541c24799_cryptolocker
-
Size
72KB
-
MD5
3259ffee064b0d7430ab9ac541c24799
-
SHA1
8126bd2ae1e53735b9ed9ba8b1012769577dad5b
-
SHA256
1a25845bded431e4a7fe0af9d6d69e6c062ec434237de39bcc78720d674f99a1
-
SHA512
7e7be6ec683711548edbe061f14d1c23889542e472daec03425ec60825908738e93d8ce9f694822d58d5aaebe10914f6834a524b46e281f0f5b56d27c517d882
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9z:C4Q2c94OtEvwDpj4H8z2
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-