General
-
Target
2024-06-11_df13e7c4120785532b4ea408b20be897_cryptolocker
-
Size
70KB
-
Sample
240611-a4p8laxgpq
-
MD5
df13e7c4120785532b4ea408b20be897
-
SHA1
5afeeca98d1d0cfc0b3cfc80589381f2d67ec9f4
-
SHA256
6cb8317e4071a853d268418ef6f5b0998617865465f3780ef093cd25f84dac4f
-
SHA512
e4125ae2f124e98b4901f88d260bfda8fb0f67cd97cd43c7785ad0dcc7c99c8a24e4be30265abc4337af7ca477a496a25589a11a3e18ae36233ed4c60eb4a9c5
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PX:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAX
Behavioral task
behavioral1
Sample
2024-06-11_df13e7c4120785532b4ea408b20be897_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-11_df13e7c4120785532b4ea408b20be897_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-06-11_df13e7c4120785532b4ea408b20be897_cryptolocker
-
Size
70KB
-
MD5
df13e7c4120785532b4ea408b20be897
-
SHA1
5afeeca98d1d0cfc0b3cfc80589381f2d67ec9f4
-
SHA256
6cb8317e4071a853d268418ef6f5b0998617865465f3780ef093cd25f84dac4f
-
SHA512
e4125ae2f124e98b4901f88d260bfda8fb0f67cd97cd43c7785ad0dcc7c99c8a24e4be30265abc4337af7ca477a496a25589a11a3e18ae36233ed4c60eb4a9c5
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PX:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAX
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-