General
-
Target
2024-06-10_bac89f39a7ce57918e2643bb14eac1e7_cryptolocker
-
Size
60KB
-
Sample
240610-g5ralsdg96
-
MD5
bac89f39a7ce57918e2643bb14eac1e7
-
SHA1
4032bb19172d7c6d9975aeb0a07ab2f430e857c2
-
SHA256
d99284a8259ecc33e8017a46fd7f977d7cc1278dbd2b60d21036f783d9b53fae
-
SHA512
5d95115384a9f6a399fe3565a8325da70b83e14c862a602de1f8db7dee7a368439d1dfa213040d7b0af87622c4a96ecd6f86cb321b2c3ef0b86cc492ed57605c
-
SSDEEP
768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPjY:H6QFElP6n+gou9cvMOtEvwDpjCpVXt
Behavioral task
behavioral1
Sample
2024-06-10_bac89f39a7ce57918e2643bb14eac1e7_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-10_bac89f39a7ce57918e2643bb14eac1e7_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-06-10_bac89f39a7ce57918e2643bb14eac1e7_cryptolocker
-
Size
60KB
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-