General
Target: 2024-06-11_e420cf19f333593700820b79d23b8e76_cryptolocker
Size: 70KB
Sample: 240611-a4twsaxcqb
MD5: e420cf19f333593700820b79d23b8e76
SHA1: 4a151065701d576d556e0e86bb3e11c06b005c40
SHA256: d9e3d5a18ee943a4dab28f77bcfd7ce0053e4bafde0eee0745702751f015a15e
SHA512: f53c3be4ede083c50d8961c5265f6ca6e1d78b632e0b6740df637d32aac8fd5ea9724ce936250b0963f0e4d2a69705cb871264a7b7e02c3858489b3e48044ef4
SSDEEP: 768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pe:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAe
Behavioral task: behavioral1
Sample: 2024-06-11_e420cf19f333593700820b79d23b8e76_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-06-11_e420cf19f333593700820b79d23b8e76_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-11_e420cf19f333593700820b79d23b8e76_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL