General
Target: 2024-06-11_a9fcb43baf8fae663fc8602b7e73fcf4_cryptolocker
Size: 70KB
Sample: 240611-a1aczaxfmm
MD5: a9fcb43baf8fae663fc8602b7e73fcf4
SHA1: 8f1c22a7fa3b1bfa97c53e752aa6f141e6b0c8ef
SHA256: b7c6b23c2aa786cf1cbb7a763ca68a3683c5faddb5532e9c3e16d3c3a9346618
SHA512: debadd19f643311c33b4cdea98244ed3d0066062a58462f9b3c4860141597a53ed730123913bb42e6d01429710c0c44a12202c392ccb33e5536eb08bd5a8773e
SSDEEP: 768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PL:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAL
Behavioral task: behavioral1
Sample: 2024-06-11_a9fcb43baf8fae663fc8602b7e73fcf4_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-11_a9fcb43baf8fae663fc8602b7e73fcf4_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-11_a9fcb43baf8fae663fc8602b7e73fcf4_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL