General
Target: 2024-06-03_ed96f24e9d93e4d095d1b7d503f6def6_cryptolocker
Size: 56KB
Sample: 240603-jpnwnage2y
MD5: ed96f24e9d93e4d095d1b7d503f6def6
SHA1: 491ee20f3e8aa715918032a31ca88614d107d10f
SHA256: ec73a490a8adab3b93436b331a6077f523da9806919ccb00bb73c93d6cab4c52
SHA512: 59281563abced140e184be204c450524bf56b79285b6dc3f1b20be4de9a2c7035ac6f0621452bb4d567ab8f5725886454dde1aea4dab3ca31ebaf03bfb7e26f4
SSDEEP: 768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlD:bP9g/xtCS3Dxx0A
Behavioral task: behavioral1
Sample: 2024-06-03_ed96f24e9d93e4d095d1b7d503f6def6_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-03_ed96f24e9d93e4d095d1b7d503f6def6_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-06-03_ed96f24e9d93e4d095d1b7d503f6def6_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL