General
-
Target
2024-01-24_5620dea3bfd4f229bf29c571b4ced7f2_cryptolocker
-
Size
39KB
-
Sample
240124-nmzbtshadp
-
MD5
5620dea3bfd4f229bf29c571b4ced7f2
-
SHA1
fbbd861ea00993064f3e04e2fa82b97d193940a7
-
SHA256
737cb110d7d122ab80cb26f410821809ecb95f8cae3b251f7368ddd30e055b72
-
SHA512
b36f215c9dcbc99f2c423dfd7aa35461a6f4aa071da438bd7b2accf7037f3d2e3fad9b7c9777291244082d21e151fd1767f8c08cfbafbfc08063f2467e23fc9a
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKaj9Yr:6j+1NMOtEvwDpjrobCr
Malware Config
Targets
-
-
Target
2024-01-24_5620dea3bfd4f229bf29c571b4ced7f2_cryptolocker
-
Size
39KB
-
MD5
5620dea3bfd4f229bf29c571b4ced7f2
-
SHA1
fbbd861ea00993064f3e04e2fa82b97d193940a7
-
SHA256
737cb110d7d122ab80cb26f410821809ecb95f8cae3b251f7368ddd30e055b72
-
SHA512
b36f215c9dcbc99f2c423dfd7aa35461a6f4aa071da438bd7b2accf7037f3d2e3fad9b7c9777291244082d21e151fd1767f8c08cfbafbfc08063f2467e23fc9a
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKaj9Yr:6j+1NMOtEvwDpjrobCr
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-