General
-
Target
2024-06-02_d4b711ca55e3fcc7fca73007ac2d62b9_cryptolocker
-
Size
92KB
-
Sample
240602-fdzbgabe3w
-
MD5
d4b711ca55e3fcc7fca73007ac2d62b9
-
SHA1
37e9cbf3c15b6a92b5d3a3540c6823992e96ba2f
-
SHA256
f246b900295457b671493dda75dd35f45843f907533df4fb3fd21f532555d99e
-
SHA512
05704e2fe5163c5db651aa16beda4707de6d08752e4c5e1862f6893a42c8c290494272a414f63e8252799108cc3b771ad06fd002889cc291de09e9e952c0d164
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddc:AnBdOOtEvwDpj6z4
Behavioral task
behavioral1
Sample
2024-06-02_d4b711ca55e3fcc7fca73007ac2d62b9_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-02_d4b711ca55e3fcc7fca73007ac2d62b9_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-06-02_d4b711ca55e3fcc7fca73007ac2d62b9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-