General
-
Target
2024-01-24_df5f21663fae222dc8200dc7162ef067_cryptolocker
-
Size
57KB
-
Sample
240124-ejezcaaabl
-
MD5
df5f21663fae222dc8200dc7162ef067
-
SHA1
6f38c58da9cd5b75ea456d9e30af37c7111fee23
-
SHA256
c2a36375b9c43377b79ab7bac246f6c1fb36f5e307ab5b8dfdb89d2ad9192f59
-
SHA512
c683cf4e48978165cc7dc4a4f197cf126844d538143556dc08226b528ecb73ec0be5ac68ee8c30d574e3144e37a76d93142693291d2729e25546b45c4febe4ed
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwEK:xj+VGMOtEvwDpjubEgywEK
Malware Config
Targets
-
-
Target
2024-01-24_df5f21663fae222dc8200dc7162ef067_cryptolocker
-
Size
57KB
-
MD5
df5f21663fae222dc8200dc7162ef067
-
SHA1
6f38c58da9cd5b75ea456d9e30af37c7111fee23
-
SHA256
c2a36375b9c43377b79ab7bac246f6c1fb36f5e307ab5b8dfdb89d2ad9192f59
-
SHA512
c683cf4e48978165cc7dc4a4f197cf126844d538143556dc08226b528ecb73ec0be5ac68ee8c30d574e3144e37a76d93142693291d2729e25546b45c4febe4ed
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwEK:xj+VGMOtEvwDpjubEgywEK
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-