General
-
Target
2024-06-12_b9c9bf94886990023da10cbfba29c9f6_cryptolocker
-
Size
81KB
-
Sample
240612-xjyqkazcnq
-
MD5
b9c9bf94886990023da10cbfba29c9f6
-
SHA1
a152d1fbbdcf9285b1f3c60f5ab31decf8010f22
-
SHA256
79f487ce6d5b40f87ebd2e1c2af64f80eef73b916060eceb78c0f7a1a7a5a49c
-
SHA512
bf0a62394183fefbfa6398271f88d9dc574bfa5aefe431cbff502f1da4a639acf8fd45cd0927754871d45023db034bb0b4fa1c5d70fee38589be7b7b3598dd01
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7QX/:zCsanOtEvwDpjr
Behavioral task
behavioral1
Sample
2024-06-12_b9c9bf94886990023da10cbfba29c9f6_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-12_b9c9bf94886990023da10cbfba29c9f6_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-06-12_b9c9bf94886990023da10cbfba29c9f6_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-