General
-
Target
2024-01-25_9fcec53986a5ded7f59f8b99f77c53c3_cryptolocker
-
Size
86KB
-
Sample
240125-kg3khscgej
-
MD5
9fcec53986a5ded7f59f8b99f77c53c3
-
SHA1
303f9211c76b5da6e19eec3a80d5fc059999a42d
-
SHA256
54b262f4e8128a9bbdfba5f8f7b64ca7ca6571c23c002bb9ab9a07dde4631de6
-
SHA512
f5833f067186e1fd6e3f3f9ef366c1ea22c3d7f1492342d58fe20f4a2be3c0758b95fc63fc90d4931ab4151e29a462962183b556ecf03ddd7715e4ed4d4ea51b
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMg6l:AnBdOOtEvwDpj6zK
Behavioral task
behavioral1
Sample
2024-01-25_9fcec53986a5ded7f59f8b99f77c53c3_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-25_9fcec53986a5ded7f59f8b99f77c53c3_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-01-25_9fcec53986a5ded7f59f8b99f77c53c3_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-