General
-
Target
2024-06-03_ef93abd6111a357180bdf982363d66a1_cryptolocker
-
Size
53KB
-
Sample
240603-kqj5jaag33
-
MD5
ef93abd6111a357180bdf982363d66a1
-
SHA1
35fd35a86405acc66b9fb017562bd56a48b76367
-
SHA256
44e700aa254e9f1847c4ddec755592a6e68b798e030e2d2291ccf124fc0720e9
-
SHA512
4aa2685030c494cae4da10296b286ea6e3080d98ad9e7226b4644cc6ff437dd61a0e77b237c4c7925ff9120e3665c7cdbefd80d9a893025195c41c049b74b72e
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXQ:bODOw9acifAoc+vj
Behavioral task
behavioral1
Sample
2024-06-03_ef93abd6111a357180bdf982363d66a1_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-03_ef93abd6111a357180bdf982363d66a1_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-06-03_ef93abd6111a357180bdf982363d66a1_cryptolocker
-
Size
53KB
-
MD5
ef93abd6111a357180bdf982363d66a1
-
SHA1
35fd35a86405acc66b9fb017562bd56a48b76367
-
SHA256
44e700aa254e9f1847c4ddec755592a6e68b798e030e2d2291ccf124fc0720e9
-
SHA512
4aa2685030c494cae4da10296b286ea6e3080d98ad9e7226b4644cc6ff437dd61a0e77b237c4c7925ff9120e3665c7cdbefd80d9a893025195c41c049b74b72e
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXQ:bODOw9acifAoc+vj
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-