2024-09-05_23769ef40e1a3e0a680efa275aad9878_cryptolocker | Triage

Sharing

General

Target

2024-09-05_23769ef40e1a3e0a680efa275aad9878_cryptolocker
Size

44KB
MD5

23769ef40e1a3e0a680efa275aad9878
SHA1

885827c4c1686f3d99e9576142ba4510cb080951
SHA256

159a46eaaa24c97d158f5accffef5fcd323eecf877f8799b836b411148ae7bbd
SHA512

a8ff675a8d5867c1ea06ac07bef6c31bb1bec5d465eed38d76cb5c74ae7e83b24c9cadd64b60207bde55beaac481ad94c44a1e881719435c42bdfe2b8e3a4059
SSDEEP

768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnY1n93:m5nkFNMOtEvwDpjG8hgpY193

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-05_23769ef40e1a3e0a680efa275aad9878_cryptolocker

Files

2024-09-05_23769ef40e1a3e0a680efa275aad9878_cryptolocker
.exe windows:5 windows x86 arch:x86

e021c9fc2c12265365fad587d43783fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

CreateFontIndirectA

Sections

.MPRESS1
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE