General
Target: 2024-06-10_0857e63df00b16fe34e91c1f91005e0d_cryptolocker
Size: 70KB
Sample: 240610-z889ps1fql
MD5: 0857e63df00b16fe34e91c1f91005e0d
SHA1: abedaa6f8315b0496efdb6e64e394cbfe5c5e5a7
SHA256: dba02dfcb33681c3085b2c4c6ecc3bc357300f2ce28bf0079ac12536011d93bd
SHA512: 95ea478b10bb7e6620ea0927833f962926eb7069bd1fe3c744832cc3b1062d3bb3b25f153485219515b540ebfc56ed76422502157f45f6977891a7f36b0a3ab2
SSDEEP: 768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pj:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAj
Behavioral task: behavioral1
Sample: 2024-06-10_0857e63df00b16fe34e91c1f91005e0d_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-06-10_0857e63df00b16fe34e91c1f91005e0d_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-06-10_0857e63df00b16fe34e91c1f91005e0d_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL