Behavioral task
behavioral1
Sample
2024-09-14_a85acc74b88cc5bbb559dc6046ce6ccf_cryptolocker.exe
Resource
win7-20240903-en
General
-
Target
2024-09-14_a85acc74b88cc5bbb559dc6046ce6ccf_cryptolocker
-
Size
69KB
-
MD5
a85acc74b88cc5bbb559dc6046ce6ccf
-
SHA1
ce034a1b16b432aaafbcff7c5a8bbb27d4b4dadf
-
SHA256
0fb25ecd3683847221318fd4f54e3c4541444b6ed42eb326d138b18e82ac1625
-
SHA512
d52201fe3c125b03167877ad4f7f4db3229736d0ccd7a610f814b6a6f1c6fcad346d0bf7444bf5ecc1a7a1cb5d907fe4556fd8f1dacb3a98a42c8754d5671ea6
-
SSDEEP
1536:quJu9cvMOtEvwDpjWYTjipvF2bx1PQApW:78SEOtEvwDpjWYvQd2P0
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 2024-09-14_a85acc74b88cc5bbb559dc6046ce6ccf_cryptolocker unpack001/out.upx
Files
-
2024-09-14_a85acc74b88cc5bbb559dc6046ce6ccf_cryptolocker.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ