General
Target: 2024-06-03_8642c955158c4c44c0c2d79a8b645e0b_cryptolocker
Size: 40KB
Sample: 240603-jg9hdsgc5t
MD5: 8642c955158c4c44c0c2d79a8b645e0b
SHA1: f095b5538e6656a2b55482814c5aa8fe087464d0
SHA256: bdbf7652acec2418bd778662551459011869e091c1aa490325bc6e20508149df
SHA512: c7b32bd0244f2b929676fb0b78aa6d3060c0246491d52859f7537bbfa2f7e5cb5b62f86762977b32917d38524f82a561b281d2dfcc0eab7d2ac3b29e10d7e705
SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYs:qDdFJy3QMOtEvwDpjjWMl7TB
Behavioral task: behavioral1
Sample: 2024-06-03_8642c955158c4c44c0c2d79a8b645e0b_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-03_8642c955158c4c44c0c2d79a8b645e0b_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL