General
-
Target
2024-01-28_f184844688b1851fb077165d8c511af2_cryptolocker
-
Size
39KB
-
Sample
240128-kn2xkafcf2
-
MD5
f184844688b1851fb077165d8c511af2
-
SHA1
32bf3ad8e64bb89d2b51e0127648572ce6228b47
-
SHA256
6f4d470525bcef78c12fb6527ae2424ebfea6b37a8f67e8ca01dda134c11f57c
-
SHA512
1e1141874c4d84b1ed4890f3cbc2a17951dfae79a7abdcc91a72a0c00f4f774ce7b182910530b054ff66640e04beb22fe7cf20f1df5b4bd79e95cd8f3e4eb5a8
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMxyqU:6j+1NMOtEvwDpjrfM
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-28_f184844688b1851fb077165d8c511af2_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-28_f184844688b1851fb077165d8c511af2_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
Target
2024-01-28_f184844688b1851fb077165d8c511af2_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-