2024-02-04_ef8dcedf8c1c3c8a8bcbf006bf9d49d6_cryptolocker

General

Target

2024-02-04_ef8dcedf8c1c3c8a8bcbf006bf9d49d6_cryptolocker
Size

56KB
MD5

ef8dcedf8c1c3c8a8bcbf006bf9d49d6
SHA1

1aaaca642343a965c4d8625455ec1885c0c15818
SHA256

5aa0e1a665bd7fc0313363fe0879de6be733b88b41432a95673cbd0f9f79e550
SHA512

66202676cfac7d1e4f8ad57077d7bb0563921f25b63accfb1870dcca4ca1add0656a1c973f94868affb033aaf77a865a3872c3c1266adb0f66e9ed2834996a28
SSDEEP

768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7Goi20Pb3:xj+VGMOtEvwDpjubEgV20D3

Score

10^/10

Detection of CryptoLocker Variants 1 IoCs

resource	yara_rule
sample	CryptoLocker_rule2

Detection of Cryptolocker Samples 1 IoCs

resource	yara_rule
sample	CryptoLocker_set1

Detects executables built or packed with MPress PE compressor 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_MPress

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_ef8dcedf8c1c3c8a8bcbf006bf9d49d6_cryptolocker