2024-06-12_3d41a4e41973761b312879fa061c2759_cryptolocker

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-12_3d41a4e41973761b312879fa061c2759_cryptolocker
Size

44KB
MD5

3d41a4e41973761b312879fa061c2759
SHA1

ee2c2a95fc4428b4abb5883da1912fb1ebbb3b91
SHA256

4243f5fcf5410fc5941f4b38feaac144d924303ec7c7f21e618085939010e3d0
SHA512

61e6d22353a961f9b53ff38ac692c0502a14c673e3c487ca32bca539a9fef1a0abe4bd7ec59572a6deca891cfe52282fdfc17f7cae68b4567bf6ec3374831546
SSDEEP

768:nf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGWXOQ69zbjlAAb:f1KhxqwtdgI2MyzNORQtOflIwoHNV2Xx

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Detection of Cryptolocker Samples 1 IoCs

resource	yara_rule
sample	CryptoLocker_set1

Files

2024-06-12_3d41a4e41973761b312879fa061c2759_cryptolocker
.exe windows:5 windows x86 arch:x86

db206e36db5c9492ce02c61a679129e2

Code Sign

33:00:00:04:39:f6:1f:7a:67:6d:a0:00:af:00:00:00:00:04:39
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-09-2021 18:25

Not After

01-09-2022 18:25

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-09-2021 18:33

Not After

01-09-2022 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39
Signer

Actual PE Digest

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39

Digest Algorithm

sha256

PE Digest Matches

false

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39
Signer

Actual PE Digest

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
DispatchMessageA
DrawTextA
EndPaint
TranslateMessage
GetMessageA
PostQuitMessage
ShowWindow
UpdateWindow
MoveWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
MessageBoxA
SendMessageA
LoadIconA
DestroyWindow
LoadCursorA
GetClientRect
GetWindowRect

kernel32

GetLastError
lstrcpyA
GetModuleHandleA
GetCommandLineA
DeleteFileA
CloseHandle
CreateFileA

gdi32

DeleteObject
CreateFontIndirectA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db206e36db5c9492ce02c61a679129e2

Code Sign

33:00:00:04:39:f6:1f:7a:67:6d:a0:00:af:00:00:00:00:04:39Certificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39Signer

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39Signer

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 10KB

33:00:00:04:39:f6:1f:7a:67:6d:a0:00:af:00:00:00:00:04:39
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39
Signer

27:05:9e:a9:04:4d:39:c6:7c:9c:85:89:d6:e0:a7:65:88:d7:4d:c6:3f:b0:24:c9:f0:90:cd:5c:dc:f7:e1:39
Signer

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 10KB