General
-
Target
2024-06-13_1a7e78394b1343faccc2c00c0958e151_cryptolocker
-
Size
40KB
-
Sample
240613-dzpytawelq
-
MD5
1a7e78394b1343faccc2c00c0958e151
-
SHA1
8ad307764c17c4fb6f12d83f1c2fd7175a400ed4
-
SHA256
522e30cf56e2ddaa4c3fb1ebbd99996fe0df7756a6fa7bcbff3b01821b9d1afd
-
SHA512
071a33c6b4eb68921a6395e5d0edcf3f3cd5a17f8a9187af4468b438f725f1e6e8ad561f0e3e5b54a1f139002f1767bce843cc15c5a9e8ca2744921e6fea5b9d
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDb2C:qDdFJy3QMOtEvwDpjjWMl7Td/
Behavioral task
behavioral1
Sample
2024-06-13_1a7e78394b1343faccc2c00c0958e151_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-13_1a7e78394b1343faccc2c00c0958e151_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2024-06-13_1a7e78394b1343faccc2c00c0958e151_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-