2024-09-07_dca588283d534d6f4dae0add1828894d_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-07_dca588283d534d6f4dae0add1828894d_cryptolocker
Size

28KB
MD5

dca588283d534d6f4dae0add1828894d
SHA1

c2190f52547e61b3269a9d8aa5272d6add01da3d
SHA256

271e4e841694fc256a82af5cbc25cc3244a499414b07b5209efcf32cc8b6fd73
SHA512

fa2eddbb3d2c0c6e3dabcdf519d4f14fd00e5bf8e997535aada8b49c2cb7a828233aa0a894399abdf18e92d509eb3d846033a2bcacf0afa9cff26572343a9739
SSDEEP

384:IRFBeh31bMERxVoxMCkmvuzbyPtfPuUR9/slK67vvxlLI6tOOtEvwDpjqIGRA:IRFBgME4kmW6FtnKn7DI6tOOtEvwDpjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-07_dca588283d534d6f4dae0add1828894d_cryptolocker

Files

2024-09-07_dca588283d534d6f4dae0add1828894d_cryptolocker
.exe windows:5 windows x86 arch:x86

1a37837ee1c6a4695e0f8fcef0f6b4f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

gdi32

CreateFontIndirectA

user32

EndPaint

Sections

.MPRESS1
Size: 13KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE