General
-
Target
2024-06-02_e03ac647d988be1c57710ffabcc6d811_cryptolocker
-
Size
90KB
-
Sample
240602-f5w1esda43
-
MD5
e03ac647d988be1c57710ffabcc6d811
-
SHA1
65b1460fb953d14a296ab8e5ed04d8dd77236ff3
-
SHA256
f2c00504da6ccf74fda5d7130d72805d3e068d026f35c91185344c8adf17c65c
-
SHA512
44ea93eee8ca4070261ae3be8f6c0aa01993aa1648da5dd044345524b7c705f82f3e4b7661af9b439ad996fdea6e6bf9abe8ef8c6fde5950af6ad316302ec55b
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/Q:n6a+1SEOtEvwDpjYYvQd2PX
Behavioral task
behavioral1
Sample
2024-06-02_e03ac647d988be1c57710ffabcc6d811_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-02_e03ac647d988be1c57710ffabcc6d811_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-02_e03ac647d988be1c57710ffabcc6d811_cryptolocker
-
Size
90KB
-
MD5
e03ac647d988be1c57710ffabcc6d811
-
SHA1
65b1460fb953d14a296ab8e5ed04d8dd77236ff3
-
SHA256
f2c00504da6ccf74fda5d7130d72805d3e068d026f35c91185344c8adf17c65c
-
SHA512
44ea93eee8ca4070261ae3be8f6c0aa01993aa1648da5dd044345524b7c705f82f3e4b7661af9b439ad996fdea6e6bf9abe8ef8c6fde5950af6ad316302ec55b
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/Q:n6a+1SEOtEvwDpjYYvQd2PX
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-