General
Target: 2024-06-09_2b89e3c919a27a383e730a94307ce747_cryptolocker
Size: 40KB
Sample: 240609-jm526age73
MD5: 2b89e3c919a27a383e730a94307ce747
SHA1: 306e9a05e3d050181cf2aaa7db1084cab7e06534
SHA256: e50dba3d016c9502bee1b69cde68c47138d1eaeff281d78f5f219d8e688c822e
SHA512: 46b25d76bb881938ebe412efbe9ddcc7fba5f56b1083989665ed1b3d048ccd25dddb74ef56db6de078dec5650254e926f0edd79358c30307db425844fa2a0b8a
SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDHX:qDdFJy3QMOtEvwDpjjWMl7Tdf
Behavioral task: behavioral1
Sample: 2024-06-09_2b89e3c919a27a383e730a94307ce747_cryptolocker.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 2024-06-09_2b89e3c919a27a383e730a94307ce747_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-06-09_2b89e3c919a27a383e730a94307ce747_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL