General
-
Target
2024-01-28_48e561d4b7801b7617fec6e09ad3aaf2_cryptolocker
-
Size
57KB
-
Sample
240128-stryjsebgn
-
MD5
48e561d4b7801b7617fec6e09ad3aaf2
-
SHA1
e5db9c4cb5f63cdbddf9ae884d3a95059d6eb37d
-
SHA256
60d3e1661f757af96d1be8249ddefddad002e87a3ed73871cc14cd68046f5b11
-
SHA512
af3e50fa4b9cc017957984caf5f0d1ad59daad18ce1d48db51985f84230e2d88f0c4d79d994b1b8b35dd670fa7eb8c9da42a8f7584265e9a34ac0409b510b985
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61PTF:BbdDmjr+OtEvwDpjMX
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-28_48e561d4b7801b7617fec6e09ad3aaf2_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-28_48e561d4b7801b7617fec6e09ad3aaf2_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
Target
2024-01-28_48e561d4b7801b7617fec6e09ad3aaf2_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-