General
-
Target
2024-06-02_f5cb21d977d94c3e797cfaffdc7b4e5e_cryptolocker
-
Size
51KB
-
Sample
240602-ffzd9acb86
-
MD5
f5cb21d977d94c3e797cfaffdc7b4e5e
-
SHA1
921324e2380fff3e2625bacd5c652e63025200af
-
SHA256
1809d2cb7a90663d08c73ccfd0dac26cf0c4b6db30860aecc6c2d91ef06bac96
-
SHA512
ea1122885b1cfeaa5d47dac4872088ce6c1770d61e634fd71cd8c917aca02ec57dd1b7840b07a3bfe6e7a9a7b1bd9e30ff025de951ea110e76184b4f7415d0a3
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MocCP:qmbhXDmjr5MOtEvwDpj5cDtKkQZQFkq
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-02_f5cb21d977d94c3e797cfaffdc7b4e5e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-02_f5cb21d977d94c3e797cfaffdc7b4e5e_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-02_f5cb21d977d94c3e797cfaffdc7b4e5e_cryptolocker
-
Size
51KB
-
MD5
f5cb21d977d94c3e797cfaffdc7b4e5e
-
SHA1
921324e2380fff3e2625bacd5c652e63025200af
-
SHA256
1809d2cb7a90663d08c73ccfd0dac26cf0c4b6db30860aecc6c2d91ef06bac96
-
SHA512
ea1122885b1cfeaa5d47dac4872088ce6c1770d61e634fd71cd8c917aca02ec57dd1b7840b07a3bfe6e7a9a7b1bd9e30ff025de951ea110e76184b4f7415d0a3
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MocCP:qmbhXDmjr5MOtEvwDpj5cDtKkQZQFkq
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-