General
-
Target
2024-02-01_f6ac831d42403884700f0385d3b14857_cryptolocker
-
Size
63KB
-
Sample
240201-lpv13sbghk
-
MD5
f6ac831d42403884700f0385d3b14857
-
SHA1
251a852121accaeaeca723a7f79a03d320b13dc0
-
SHA256
8a788cd0abfbbcc8b5228463f02b55f4775b22cc5b5cd78267008e8aaf6eac17
-
SHA512
933e25a9fb49a6abde0da5ed75b016539e2a11c5a20c87e3ae6c1ade23ccf93c8421c4ae8f18cac7227d194d4bf6fd5de025c99e02d88628adf776a4543e41cd
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpEhhaUlPIQ:6j+1NMOtEvwDpjr8ox8UDEpuha8PIQ
Malware Config
Targets
-
-
Target
2024-02-01_f6ac831d42403884700f0385d3b14857_cryptolocker
-
Size
63KB
-
MD5
f6ac831d42403884700f0385d3b14857
-
SHA1
251a852121accaeaeca723a7f79a03d320b13dc0
-
SHA256
8a788cd0abfbbcc8b5228463f02b55f4775b22cc5b5cd78267008e8aaf6eac17
-
SHA512
933e25a9fb49a6abde0da5ed75b016539e2a11c5a20c87e3ae6c1ade23ccf93c8421c4ae8f18cac7227d194d4bf6fd5de025c99e02d88628adf776a4543e41cd
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpEhhaUlPIQ:6j+1NMOtEvwDpjr8ox8UDEpuha8PIQ
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-