Static task
static1
Behavioral task
behavioral1
Sample
2024-08-29_cefbd081217a8332d4605f0d046c0f07_cryptolocker.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2024-08-29_cefbd081217a8332d4605f0d046c0f07_cryptolocker.exe
Resource
win10v2004-20240802-en
General
-
Target
2024-08-29_cefbd081217a8332d4605f0d046c0f07_cryptolocker
-
Size
80KB
-
MD5
cefbd081217a8332d4605f0d046c0f07
-
SHA1
a285e0df71f1b8bb5e3b9c2d6400f05dc60691d5
-
SHA256
0867e6b667a76435d996be71155c7d4a2a9c205ef669b0a2e4e0ac22cba00e43
-
SHA512
52a518d85ee22cfd77b35653f197dfd2d65b392435398fbf7c0fcd98604d689ff35ef1e3ecbb6f3fdf39c6e74f109914d632980d07c9e3a414dc6c77597c7a72
-
SSDEEP
1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHsoLktNI:X6a+SOtEvwDpjBZYvQd2H
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-08-29_cefbd081217a8332d4605f0d046c0f07_cryptolocker
Files
-
2024-08-29_cefbd081217a8332d4605f0d046c0f07_cryptolocker.exe windows:5 windows x86 arch:x86
7ba3aa8366ce167c7a77ebd6e6fea8e5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PostQuitMessage
GetMessageA
UpdateWindow
EndPaint
DispatchMessageA
BeginPaint
TranslateMessage
MoveWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
MessageBoxA
SendMessageA
DestroyWindow
LoadCursorA
LoadIconA
ShowWindow
GetWindowRect
kernel32
GetLastError
lstrcpyA
GetModuleHandleA
GetCommandLineA
FindFirstFileA
FormatMessageA
FindClose
FindNextFileA
DeleteFileA
CloseHandle
GetACP
CreateFileA
gdi32
CreateFontIndirectA
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 536B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ