General
Target: 2024-01-18_67b87acbed19b3509281999771231ef3_cryptolocker
Size: 92KB
Sample: 240118-2tf1qadafj
MD5: 67b87acbed19b3509281999771231ef3
SHA1: fd0721b58152d22ee98399c66bd55bb44a863b60
SHA256: e3643babf8618d56aa95e5ba53bbfbc548ec6d2d62fd496262fa7baf971c860c
SHA512: b009486f02701f5288fa2e48528e7e64d99b8e9e82bc8d348216344a21a1c9645c4dd862ddd56a7c6b727ccec4e0f85232bb6f712ca71ecef7b5dedbd7c231c7
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJN:xj+VGMOtEvwDpjubwQEIiVmkp
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-18_67b87acbed19b3509281999771231ef3_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-18_67b87acbed19b3509281999771231ef3_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-18_67b87acbed19b3509281999771231ef3_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL