General
-
Target
2024-01-29_b514d3f985afe1586f2c57f3cb1b9a82_cryptolocker
-
Size
44KB
-
Sample
240129-bwcszagecr
-
MD5
b514d3f985afe1586f2c57f3cb1b9a82
-
SHA1
5f2052e01a7b4651706529b787742cac22d59eda
-
SHA256
7a84cbb02471bbfc493d01ccccdc01eb61cb0a25d975da33f94ade68bcd5a782
-
SHA512
f7fb3366e667ddd3f64dfba8e1d2179786933c1d425763a48da2bcc641b506925bda47d0cebc6cb46bee6acab134795f4f0f15ba89afe075ae786f6f0541156d
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhbCi44vCxh:6j+1NMOtEvwDpjr8dx49
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-29_b514d3f985afe1586f2c57f3cb1b9a82_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-29_b514d3f985afe1586f2c57f3cb1b9a82_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
Target
2024-01-29_b514d3f985afe1586f2c57f3cb1b9a82_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-