General
Target: 2024-06-13_cfa038a9c0d6d7060e809b99bd30f778_cryptolocker
Size: 40KB
Sample: 240613-ld3lsasfrc
MD5: cfa038a9c0d6d7060e809b99bd30f778
SHA1: 5661c87a39e92e5e147d1a8cfa876fc825aafd66
SHA256: fd3022968d1abef2fceb469732ccf395727a86443569228ff45edb82b1843e0b
SHA512: f5829ce04121c3584f32de6e8f972fcf8ff49b86544de6fbd2690570e0a00e63f81a479374036b4be366aa4aff816be0183a4bfed8277115456657a85ad131bb
SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9X4:qDdFJy3QMOtEvwDpjjWMl7T3
Behavioral task: behavioral1
Sample: 2024-06-13_cfa038a9c0d6d7060e809b99bd30f778_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-13_cfa038a9c0d6d7060e809b99bd30f778_cryptolocker.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: 2024-06-13_cfa038a9c0d6d7060e809b99bd30f778_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL