General
Target: 2024-01-18_901c5b7b3e530fe0a1310112d1f4d562_cryptolocker
Size: 59KB
Sample: 240118-22fd6aeagj
MD5: 901c5b7b3e530fe0a1310112d1f4d562
SHA1: f81e0b9e8588fa9b6ffb7f5fe194149c49ebddbf
SHA256: 1e5b14efa3f83473455d783a4c94530265657a6da9bfe0ef78c4ae37208c14b5
SHA512: 44d50d9085faf7fede0355693ecbbf7be78b95b951f2f2378cc6ec34b829136a78332f6b8811dd99aa3bcfe33a703fedbc31e0977e9c2aaab4f0255a628eaf4b
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwD3:xj+VGMOtEvwDpjubEgywL
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-18_901c5b7b3e530fe0a1310112d1f4d562_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-18_901c5b7b3e530fe0a1310112d1f4d562_cryptolocker.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 2024-01-18_901c5b7b3e530fe0a1310112d1f4d562_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL