Behavioral task
behavioral1
Sample
2024-09-06_45c79e6e894a8c9b9d5e2f55a3c0c05a_cryptolocker.exe
Resource
win7-20240903-en
General
-
Target
2024-09-06_45c79e6e894a8c9b9d5e2f55a3c0c05a_cryptolocker
-
Size
90KB
-
MD5
45c79e6e894a8c9b9d5e2f55a3c0c05a
-
SHA1
b8e210bbcc4a19a6e79cf999098b6aec0f350b16
-
SHA256
d34c83c18e55787394c84cb63aa8761561559968d3713be9d78a83bc4ff1e540
-
SHA512
d723036b8b318610d18136105b72ccc7c6b89a7cef016782fd948d851615fea75d02024bb36ae59b26287d56d7127949175c43e71eb2ea1febb2e333d1b24ba4
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/S:n6a+1SEOtEvwDpjYYvQd2PJ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-06_45c79e6e894a8c9b9d5e2f55a3c0c05a_cryptolocker
Files
-
2024-09-06_45c79e6e894a8c9b9d5e2f55a3c0c05a_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 20KB - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE