2024-09-19_b1f78c27624afe9502ced2de42c7020e_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-19_b1f78c27624afe9502ced2de42c7020e_cryptolocker
Size

84KB
MD5

b1f78c27624afe9502ced2de42c7020e
SHA1

87161491dda40f1424d42789ca9b47af61195c17
SHA256

2afb36bc788ae434731dd7b412b1e257a24319740b887d4107a0121d67cc6611
SHA512

2f6b51883c886ede32abc64214ba2cfdc8c5d61ad5ea95f39681c7a93b39f59c4010b3eba70cfd6aafafdf69413477d53ee993b39feb2905b139dcd4ec84b047
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvc9:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8c9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-19_b1f78c27624afe9502ced2de42c7020e_cryptolocker

Files

2024-09-19_b1f78c27624afe9502ced2de42c7020e_cryptolocker
.exe windows:5 windows x86 arch:x86

e021c9fc2c12265365fad587d43783fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

CreateFontIndirectA

Sections

.MPRESS1
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE