General
-
Target
2024-01-25_948e43d3a413171542677e974a15fdf7_cryptolocker
-
Size
125KB
-
Sample
240125-fbs2nsgdg2
-
MD5
948e43d3a413171542677e974a15fdf7
-
SHA1
542ae7d2c557bd1b1902ef97c7d4452fe154a1e3
-
SHA256
284181e27375feeee029d967b7dbf2afc75dc853908ba05035d66603a8f1e0d7
-
SHA512
b5d9d719db87ad7bce0699ddcaf7500a5782ca687764552b058c60ade15002d93b12652280b66b6a4cb48c1e0fa8cf4564081ca94461f46edcda230cbab23619
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eL:AnBdOOtEvwDpj6zB
Malware Config
Targets
-
-
Target
2024-01-25_948e43d3a413171542677e974a15fdf7_cryptolocker
-
Size
125KB
-
MD5
948e43d3a413171542677e974a15fdf7
-
SHA1
542ae7d2c557bd1b1902ef97c7d4452fe154a1e3
-
SHA256
284181e27375feeee029d967b7dbf2afc75dc853908ba05035d66603a8f1e0d7
-
SHA512
b5d9d719db87ad7bce0699ddcaf7500a5782ca687764552b058c60ade15002d93b12652280b66b6a4cb48c1e0fa8cf4564081ca94461f46edcda230cbab23619
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eL:AnBdOOtEvwDpj6zB
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-