General
-
Target
2024-06-06_97e32992119b6a30da830294cb6896e8_cryptolocker
-
Size
58KB
-
Sample
240606-1dp31scc5v
-
MD5
97e32992119b6a30da830294cb6896e8
-
SHA1
41709cbfd5c60069f69e808d03eeac15089622f5
-
SHA256
ac53e542a6a6fa93f1761f217888703e1b011dd32f60a3dd32f60182fd4c2a17
-
SHA512
d70445744be6307ec0d5f9bd33e04a85e0c5270490717a3ac18a13c999a6e4d59785d09a201f9d4d16bf6f00cc7f4f76391a3f0561e3aeefefb3b58bfd15eb33
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e4Z:6j+1NMOtEvwDpjr8oxExe4Z
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-06_97e32992119b6a30da830294cb6896e8_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-06_97e32992119b6a30da830294cb6896e8_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-06_97e32992119b6a30da830294cb6896e8_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-