General
-
Target
2024-06-10_3c025f2116296084f855d78bb2d91314_cryptolocker
-
Size
43KB
-
Sample
240610-fcjvdsch56
-
MD5
3c025f2116296084f855d78bb2d91314
-
SHA1
2ea9dfe96755c28fd858806da8b005d2de463e62
-
SHA256
566f78c31f854f579785261ca69cbd23af9ad7ed55b4073979f1c7f6a093a732
-
SHA512
0730b99a1e1dc6ce2622d395bdb7f561dd9d03cce41cd588a15d5eaca2e38a8abb4376b4115fa80553032775fa0e45e5c9bb5775662d6da5ddb9b412adf94cd8
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aDDU3:6j+1NMOtEvwDpjrRh3
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-10_3c025f2116296084f855d78bb2d91314_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-10_3c025f2116296084f855d78bb2d91314_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-10_3c025f2116296084f855d78bb2d91314_cryptolocker
-
Size
43KB
-
MD5
3c025f2116296084f855d78bb2d91314
-
SHA1
2ea9dfe96755c28fd858806da8b005d2de463e62
-
SHA256
566f78c31f854f579785261ca69cbd23af9ad7ed55b4073979f1c7f6a093a732
-
SHA512
0730b99a1e1dc6ce2622d395bdb7f561dd9d03cce41cd588a15d5eaca2e38a8abb4376b4115fa80553032775fa0e45e5c9bb5775662d6da5ddb9b412adf94cd8
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aDDU3:6j+1NMOtEvwDpjrRh3
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-