General
-
Target
2024-06-02_8311d5fbdf00ac2ebb3ab882e4a2ae8d_cryptolocker
-
Size
58KB
-
Sample
240602-2cca7sac95
-
MD5
8311d5fbdf00ac2ebb3ab882e4a2ae8d
-
SHA1
4ee5eba63cc749f2c4cc3264f762dedb58808c56
-
SHA256
72beeb9537cefab013c084e1d18a66f6975156c5045a5595d8e69fe832d2aa33
-
SHA512
e92d5539f6947a684da5cffb3e6f8278b30585a1ea8227cb4f4f93dce9a97215c2ec1208bf0d9602d7b3f8e67d92457ba427d8aa8f27a6c7256bc7077d262f9e
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7Gowfj8y:xj+VGMOtEvwDpjubEg5
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-02_8311d5fbdf00ac2ebb3ab882e4a2ae8d_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-06-02_8311d5fbdf00ac2ebb3ab882e4a2ae8d_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-02_8311d5fbdf00ac2ebb3ab882e4a2ae8d_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-