General
-
Target
2024-01-25_97a24af89781422ee1e80bf6be8962e9_cryptolocker
-
Size
91KB
-
Sample
240125-ay5q4acfek
-
MD5
97a24af89781422ee1e80bf6be8962e9
-
SHA1
539494c623e62c7eec562d198b98d559a0987650
-
SHA256
82dbbaa987a5c959e5f6b2800d0f11948b6fd70d9ec18b92b56b9481c456ac97
-
SHA512
1888127ec0c0744d1fefc477face9e5e224f8c699137dc655fb3cf97b420d4b2565b3e0e35bff86e5e5ee9a3e4cadb6ab2fadf1d31b3f6b57b706763595aafd3
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/s:zCsanOtEvwDpjBs
Malware Config
Targets
-
-
Target
2024-01-25_97a24af89781422ee1e80bf6be8962e9_cryptolocker
-
Size
91KB
-
MD5
97a24af89781422ee1e80bf6be8962e9
-
SHA1
539494c623e62c7eec562d198b98d559a0987650
-
SHA256
82dbbaa987a5c959e5f6b2800d0f11948b6fd70d9ec18b92b56b9481c456ac97
-
SHA512
1888127ec0c0744d1fefc477face9e5e224f8c699137dc655fb3cf97b420d4b2565b3e0e35bff86e5e5ee9a3e4cadb6ab2fadf1d31b3f6b57b706763595aafd3
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/s:zCsanOtEvwDpjBs
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-