General
-
Target
2024-01-18_130ac9196cd76b0fc905b510dbdf743c_cryptolocker
-
Size
99KB
-
Sample
240118-2c4epaahfp
-
MD5
130ac9196cd76b0fc905b510dbdf743c
-
SHA1
6cbfdc2c885acc8d9edbf71bc48bb25e550910ff
-
SHA256
393f085f9b3e7594b2695fb584f7bd6a85fa421d71fc2311e346602df27113ac
-
SHA512
aaaf1b0fecddd9c278ef16c9d5ab52691d97ebc3819c815aed9a313059e99f25dc54acc4fde0996bee4d62919115013bedce0184395ab3132940d26fadd14659
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRiWjzUNE:i5nkFGMOtEvwDpjNbwQEIikgNE
Malware Config
Targets
-
-
Target
2024-01-18_130ac9196cd76b0fc905b510dbdf743c_cryptolocker
-
Size
99KB
-
MD5
130ac9196cd76b0fc905b510dbdf743c
-
SHA1
6cbfdc2c885acc8d9edbf71bc48bb25e550910ff
-
SHA256
393f085f9b3e7594b2695fb584f7bd6a85fa421d71fc2311e346602df27113ac
-
SHA512
aaaf1b0fecddd9c278ef16c9d5ab52691d97ebc3819c815aed9a313059e99f25dc54acc4fde0996bee4d62919115013bedce0184395ab3132940d26fadd14659
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRiWjzUNE:i5nkFGMOtEvwDpjNbwQEIikgNE
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-