2024-06-24_95562ad80e1b1206884f3f4303f3c29a_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-24_95562ad80e1b1206884f3f4303f3c29a_cryptolocker
Size

1.2MB
MD5

95562ad80e1b1206884f3f4303f3c29a
SHA1

f241f7d03e53187f7067e7ff0dd64ada11f86498
SHA256

6dab3ff980535f428fe9951ba1ffc22a2a730aa8388cf7a2a674229f9f20f3cf
SHA512

79702c12efa5fbd76af1940ea23640af7f7e8d48643ebe504929b1ee6c020c5d35024e7e7415b8ab269ce682679df3fb3d3aef8a247e9501a65629a43e19beca
SSDEEP

24576:gwjBPlC5mgzqAs+7ILcCtNcHD00ByjkCZxP8hNWb1JGwZwdgpGqCg:gwdPlCggmI0LcCHV00kCZxUflqhGqv

Score

10^/10

Malware Config

Signatures

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-24_95562ad80e1b1206884f3f4303f3c29a_cryptolocker

Files

2024-06-24_95562ad80e1b1206884f3f4303f3c29a_cryptolocker
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 202KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 945KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE