Static task
static1
Behavioral task
behavioral1
Sample
2024-06-14_c450eb6d3351683cf1db879601211ba8_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-14_c450eb6d3351683cf1db879601211ba8_cryptolocker.exe
Resource
win10v2004-20240611-en
General
-
Target
2024-06-14_c450eb6d3351683cf1db879601211ba8_cryptolocker
-
Size
42KB
-
MD5
c450eb6d3351683cf1db879601211ba8
-
SHA1
dd04fab4b7c1d2b6954ad1f6e60f86dbaa4e5022
-
SHA256
88c327ad9a674e4d50d78bc84cd0eb3a495333012540644961804251571857eb
-
SHA512
3226d061719b6abfd62c7fa3a0d89713f0847efaad324edcf71158f7101ef1f4e131a497c10fa88e4f02eaf7deb61354b0158be28c92704d5c64b6dfcc5c799a
-
SSDEEP
768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLeJAsKuDb7x0:ZzFbxmLPWQMOtEvwDpjLeJAsKcb7O
Malware Config
Signatures
-
Detection of CryptoLocker Variants 1 IoCs
resource yara_rule sample CryptoLocker_rule2 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-14_c450eb6d3351683cf1db879601211ba8_cryptolocker
Files
-
2024-06-14_c450eb6d3351683cf1db879601211ba8_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 10KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
petite Size: 334B - Virtual size: 334B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ