General
-
Target
2024-06-07_1fe376ad2fe34aaec6adce44417d2003_cryptolocker
-
Size
89KB
-
Sample
240607-ssxseaad3s
-
MD5
1fe376ad2fe34aaec6adce44417d2003
-
SHA1
88f0e7c5b65a4afaa4234616160839db03696fec
-
SHA256
fbc2170401ce0a217c8e3df1af4246eb535605e4260557c933cd9c45a6977478
-
SHA512
9fd4a415bdce0d06f2c7e6132dd0c7112fe18bc4f2c80ec82d5e573afe64a890ec8f50f6884b9f64d2abd935192d6ce5cbf77db92670377b7983823ec1a8a5af
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgQ/:AnBdOOtEvwDpj6zU
Behavioral task
behavioral1
Sample
2024-06-07_1fe376ad2fe34aaec6adce44417d2003_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-07_1fe376ad2fe34aaec6adce44417d2003_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2024-06-07_1fe376ad2fe34aaec6adce44417d2003_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-