General
-
Target
2024-06-12_201033eeca3b343ad3e6189baf2ce71a_cryptolocker
-
Size
40KB
-
Sample
240612-xdm2wazann
-
MD5
201033eeca3b343ad3e6189baf2ce71a
-
SHA1
271f6e5ebad794b93aa1593fc4202caaa77eb099
-
SHA256
4f02fd4706d3b6e6b176c16c896c330dd76c9b4e12accbfb211fab1903740b6c
-
SHA512
37be6810d082afa1ee24bc73a0379e5dc09763d714c4cc09222ba0a9442ee83b8839d048a823e79f296056592fd24be37c7250385423b9a470b15dd0c6146ad6
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9Fr:qDdFJy3QMOtEvwDpjjWMl7Ta
Behavioral task
behavioral1
Sample
2024-06-12_201033eeca3b343ad3e6189baf2ce71a_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-06-12_201033eeca3b343ad3e6189baf2ce71a_cryptolocker.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
2024-06-12_201033eeca3b343ad3e6189baf2ce71a_cryptolocker
-
Size
40KB
-
MD5
201033eeca3b343ad3e6189baf2ce71a
-
SHA1
271f6e5ebad794b93aa1593fc4202caaa77eb099
-
SHA256
4f02fd4706d3b6e6b176c16c896c330dd76c9b4e12accbfb211fab1903740b6c
-
SHA512
37be6810d082afa1ee24bc73a0379e5dc09763d714c4cc09222ba0a9442ee83b8839d048a823e79f296056592fd24be37c7250385423b9a470b15dd0c6146ad6
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9Fr:qDdFJy3QMOtEvwDpjjWMl7Ta
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-