General
-
Target
2024-01-24_70dd89fc287e9b3f796b28747db8a7d8_cryptolocker
-
Size
93KB
-
Sample
240124-d97xdahfdj
-
MD5
70dd89fc287e9b3f796b28747db8a7d8
-
SHA1
5c4d345a8db404355cc1e85bbb169e724d39b149
-
SHA256
fa9a54b439a976edeb0da1f46f017b8bb667de9dfd5b97bce6607b152b858688
-
SHA512
4c6cd3c10cb7d3b2aa413cf6b493eba2d7ca874e59cbfce671b7e77bc31ae75d9fe562142ce3c99cc81796088a3e3ede0aa54b29c788cd13a93bab9eb7a69ca6
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJkx:xj+VGMOtEvwDpjubwQEIiVmkU
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-24_70dd89fc287e9b3f796b28747db8a7d8_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-24_70dd89fc287e9b3f796b28747db8a7d8_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-24_70dd89fc287e9b3f796b28747db8a7d8_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-