General
-
Target
2024-01-26_35af5482c561d6d9fea9244531a55ed5_cryptolocker
-
Size
104KB
-
Sample
240126-y8ejnadfh4
-
MD5
35af5482c561d6d9fea9244531a55ed5
-
SHA1
a0b84434ab155e4f449328e9c865224f576512b9
-
SHA256
883370f7ec4f1506d3f0b2fdf0bba86af485a6501a4625dac05a3789dd3d70ac
-
SHA512
6c6f6ed295bb918f332bfb6135755acc6e453cb29be5a6d703e2a527303807b18c3f14318c5283b20622a385555b785f720403b6ecdaad112f7a9450f56e5578
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWjy9h:xj+VGMOtEvwDpjubwQEIikuh
Malware Config
Targets
-
-
Target
2024-01-26_35af5482c561d6d9fea9244531a55ed5_cryptolocker
-
Size
104KB
-
MD5
35af5482c561d6d9fea9244531a55ed5
-
SHA1
a0b84434ab155e4f449328e9c865224f576512b9
-
SHA256
883370f7ec4f1506d3f0b2fdf0bba86af485a6501a4625dac05a3789dd3d70ac
-
SHA512
6c6f6ed295bb918f332bfb6135755acc6e453cb29be5a6d703e2a527303807b18c3f14318c5283b20622a385555b785f720403b6ecdaad112f7a9450f56e5578
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWjy9h:xj+VGMOtEvwDpjubwQEIikuh
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-