General
-
Target
2024-02-04_1d7523dc671ad88d825fd056b83ef662_cryptolocker
-
Size
40KB
-
Sample
240204-b385rahadk
-
MD5
1d7523dc671ad88d825fd056b83ef662
-
SHA1
21f1855a6f8911d4640b2e49d52c221cf1fc2404
-
SHA256
439dadd482c21d8a02d55a21e4c89eb20fe67238e4a2632403be102fb41d9c39
-
SHA512
1819de78e6a66ac008fb4b1c7b07d527aef18b081c8dcb150c89edfcac4c67dc654a08e10548c22cf744ae2bd78a88f7a5da72e3ee983da88bdb7fd3d757bc12
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnIW:m5nkFNMOtEvwDpjG8hgp3
Malware Config
Targets
-
-
Target
2024-02-04_1d7523dc671ad88d825fd056b83ef662_cryptolocker
-
Size
40KB
-
MD5
1d7523dc671ad88d825fd056b83ef662
-
SHA1
21f1855a6f8911d4640b2e49d52c221cf1fc2404
-
SHA256
439dadd482c21d8a02d55a21e4c89eb20fe67238e4a2632403be102fb41d9c39
-
SHA512
1819de78e6a66ac008fb4b1c7b07d527aef18b081c8dcb150c89edfcac4c67dc654a08e10548c22cf744ae2bd78a88f7a5da72e3ee983da88bdb7fd3d757bc12
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnIW:m5nkFNMOtEvwDpjG8hgp3
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-