General
Target: 2024-06-10_fa380a76cceb9950a6d99b32c43a8ef0_cryptolocker
Size: 54KB
Sample: 240610-1l62hasdll
MD5: fa380a76cceb9950a6d99b32c43a8ef0
SHA1: c4f042e606704e4adfae54ab0e5dd59c59613a94
SHA256: 79b5755194e74f9ab5d0ced5faf07fe921f565ebcb8723c7557568e176772b0d
SHA512: ff6108a9d9738c2c6ff50fb0cdecf569acd984543b735af451acccf8b9128ce4f0ffac1dbfa9391821a234b6b1fd2d2670af716118582b0fc204b5ff2475f4ac
SSDEEP: 768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOXS:bODOw9acifAoc+v9
Behavioral task: behavioral1
Sample: 2024-06-10_fa380a76cceb9950a6d99b32c43a8ef0_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-10_fa380a76cceb9950a6d99b32c43a8ef0_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-10_fa380a76cceb9950a6d99b32c43a8ef0_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL