General
-
Target
2024-08-25_aa0f4531207419b7864790593e7beca3_cryptolocker
-
Size
40KB
-
Sample
240825-hqqk7ssenq
-
MD5
aa0f4531207419b7864790593e7beca3
-
SHA1
7399a016bbda9cae5253bd9912bf77c1f53972a5
-
SHA256
86d841d263fb9aeeba6bf67ed87004c78010e09a56b93ed514e3301454afe123
-
SHA512
7bfd1ab05bcf45bcaee231c89a1ff4c80d2ad61abb6f0b667b2f7fc5a1d3aa2c8b9e57463ef26857eb8083dcc2440679bcfb832d69010d32ea1a2ffe26722549
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IujdxNX6vX+:b/yC4GyNM01GuQMNXw2PSj1Pqq8BO+
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-25_aa0f4531207419b7864790593e7beca3_cryptolocker.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2024-08-25_aa0f4531207419b7864790593e7beca3_cryptolocker.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-08-25_aa0f4531207419b7864790593e7beca3_cryptolocker
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-