General
-
Target
2024-06-02_c5616263e5af27acf2fcde41d8c38b4a_cryptolocker
-
Size
54KB
-
Sample
240602-fcdy5sbd6t
-
MD5
c5616263e5af27acf2fcde41d8c38b4a
-
SHA1
789808b29ee3ad21225edad7f046b634c06d7598
-
SHA256
05d85b9812f078c469bae7e4fd49d296639f2c1380a4c40004ca7352dfacf6b7
-
SHA512
a132d8fbb82a26808bb25d2f172d5ba191372420c82e6503f1b5a3a26a5d93f58c54bfabdc5c8f4a17c66699c3cdc8eab27f81715f14e369bdac1f59c4fbaf26
-
SSDEEP
768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YY1J+OTOkgE:z6QFElP6n+gKmddpMOtEvwDpj31ikgE
Behavioral task
behavioral1
Sample
2024-06-02_c5616263e5af27acf2fcde41d8c38b4a_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-06-02_c5616263e5af27acf2fcde41d8c38b4a_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-02_c5616263e5af27acf2fcde41d8c38b4a_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-