2024-09-28_bf6e8b4f16be38410c00bbf5f3899f3e_cryptolocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-28_bf6e8b4f16be38410c00bbf5f3899f3e_cryptolocker
Size

45KB
MD5

bf6e8b4f16be38410c00bbf5f3899f3e
SHA1

157d50868575bdb8fc0f9b299a220805878198b4
SHA256

091d5b35a4e6940c2b32d27547bc4b84cd04d265df97001c4e105f3b798f6aea
SHA512

28146f67a5788bbf9700b8f85efcbf615864ca23795d367230ca07ed7864ee270db7a67ddc8fdba24b5a0b34437fcaecd4027b54b7c8f243c955a63156659f12
SSDEEP

768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnY1n9wB:m5nkFNMOtEvwDpjG8hgpY19q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-28_bf6e8b4f16be38410c00bbf5f3899f3e_cryptolocker

Files

2024-09-28_bf6e8b4f16be38410c00bbf5f3899f3e_cryptolocker
.exe windows:5 windows x86 arch:x86

e021c9fc2c12265365fad587d43783fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

CreateFontIndirectA

Sections

.MPRESS1
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE