General
-
Target
2024-06-13_9b0a4aced5dc1a1af7b0155e75b7cccf_cryptolocker
-
Size
41KB
-
Sample
240613-ldqxzswgrr
-
MD5
9b0a4aced5dc1a1af7b0155e75b7cccf
-
SHA1
679155f2ccc560e607c4cdb1b4dc73721283f2da
-
SHA256
ddb95c94e7a8dc5e0e27a7a7f81ccf822853439e381738f0157aa6ea361cc1c1
-
SHA512
4833435602983bdeeb597362fca1ccef16626dba9c218b83493ba8109dda0723a990a95eaf6203d2851af39a2fe9248ba12ec9652cb99db68ae57f36e5b3a1df
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY/0W:qDdFJy3QMOtEvwDpjjWMl7Ty
Behavioral task
behavioral1
Sample
2024-06-13_9b0a4aced5dc1a1af7b0155e75b7cccf_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-13_9b0a4aced5dc1a1af7b0155e75b7cccf_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-13_9b0a4aced5dc1a1af7b0155e75b7cccf_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-