General
Target: 2024-06-03_2b6fc4f9fee73fc776bf73f15870d759_cryptolocker
Size: 43KB
Sample: 240603-lgn8kaab5t
MD5: 2b6fc4f9fee73fc776bf73f15870d759
SHA1: 9a440575823eff599dc0b87073fd516090e3fb96
SHA256: efcd573b447f8385271fe4cccb2c33600508997463dac5b63bf4e3faa4c52a9c
SHA512: 18b4c034e04c86777c1fc820810b767dceac36b51115302498b2bdd693fe9fde8a5078ca1d68aa8d4b7251c5ea71c1ffb4e539bcac32f2dd26a8a0ca074b9170
SSDEEP: 768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAb:b/pYayGig5HjS3NPAb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-03_2b6fc4f9fee73fc776bf73f15870d759_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-03_2b6fc4f9fee73fc776bf73f15870d759_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-03_2b6fc4f9fee73fc776bf73f15870d759_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.