General
Target: 2024-06-10_a9a6568e472b581bb48147e2b462d726_cryptolocker
Size: 89KB
Sample: 240610-gwzkmada3x
MD5: a9a6568e472b581bb48147e2b462d726
SHA1: 031b29786b06694ea9494fe59d5bafe1d3b77828
SHA256: b65ed3bfb98a25c53b5f0edaa43c9eed5a64b1eaa6bfd1712536fe3efb4f778a
SHA512: 1f79c0bfc76182161ee50123d9d8802cc64c1660f766617beac79d83188c98330f828b96984404c44b78a4212f9fce06b1470f743599afb9afb31c1d7ce999e2
SSDEEP: 1536:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8BRAE:okFDOtEvwDpjP2
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-10_a9a6568e472b581bb48147e2b462d726_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-06-10_a9a6568e472b581bb48147e2b462d726_cryptolocker.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-10_a9a6568e472b581bb48147e2b462d726_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL