General
-
Target
2024-01-24_de64261bf9e197f690c6df78e8971c7d_cryptolocker
-
Size
52KB
-
Sample
240124-qsfssabef9
-
MD5
de64261bf9e197f690c6df78e8971c7d
-
SHA1
a8a69f35b842de1776d2ff62f6349a9c7f434f24
-
SHA256
ab65c722fea6c4946bbd5dd347271c294e3fae189bb9ee6b3843943b904ca0e7
-
SHA512
b2d97e24f3fc83f12c5831d83e57f0a2ea281ed26d502529e86e666390c450e2251a8d7676cfb6ba0867ea3dad5800c59938504cb9ab7f08a44ebc885eb6746f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz77:6j+1NMOtEvwDpjr8oxEV
Malware Config
Targets
-
-
Target
2024-01-24_de64261bf9e197f690c6df78e8971c7d_cryptolocker
-
Size
52KB
-
MD5
de64261bf9e197f690c6df78e8971c7d
-
SHA1
a8a69f35b842de1776d2ff62f6349a9c7f434f24
-
SHA256
ab65c722fea6c4946bbd5dd347271c294e3fae189bb9ee6b3843943b904ca0e7
-
SHA512
b2d97e24f3fc83f12c5831d83e57f0a2ea281ed26d502529e86e666390c450e2251a8d7676cfb6ba0867ea3dad5800c59938504cb9ab7f08a44ebc885eb6746f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz77:6j+1NMOtEvwDpjr8oxEV
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-