General
-
Target
2024-01-27_792417c49b92e65c8b1706deaa0e1a72_cryptolocker
-
Size
84KB
-
Sample
240127-1drlvacfh7
-
MD5
792417c49b92e65c8b1706deaa0e1a72
-
SHA1
afe4c15a8e6c3e51bb1c67d04747fadbb9de8a66
-
SHA256
d530c42cf03f96c8b6ef58fdf8b903951104ac7c1e4fa24691a895d5ec7e286c
-
SHA512
28102e569a90a1d927fd14cb83a879922a7db161ee125b7fb7f9f5d77c289554cb4fa07e7f00be7d842e7a60bb619b73a5f8d23c4542b74d230656734d2ee417
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvxhl:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8Xl
Malware Config
Targets
-
-
Target
2024-01-27_792417c49b92e65c8b1706deaa0e1a72_cryptolocker
-
Size
84KB
-
MD5
792417c49b92e65c8b1706deaa0e1a72
-
SHA1
afe4c15a8e6c3e51bb1c67d04747fadbb9de8a66
-
SHA256
d530c42cf03f96c8b6ef58fdf8b903951104ac7c1e4fa24691a895d5ec7e286c
-
SHA512
28102e569a90a1d927fd14cb83a879922a7db161ee125b7fb7f9f5d77c289554cb4fa07e7f00be7d842e7a60bb619b73a5f8d23c4542b74d230656734d2ee417
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvxhl:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8Xl
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-