General
-
Target
2024-02-12_bbcfa420393ba88747997001a324df66_cryptolocker
-
Size
50KB
-
Sample
240212-l64dsacd78
-
MD5
bbcfa420393ba88747997001a324df66
-
SHA1
364e5054cd41970d434681b167534fd8ceaa137e
-
SHA256
30de0c8ecfabe15d96fe1ebd6c689ebb17d768a91ebc540bb12ee6c1d442c486
-
SHA512
c30653bdb2956356e3944751a45dab065b3dab236baa6a0727ff4b7da5ef56fcdc133adf3799aa6f61171e50c89d17203d5d1c4b6dcfb5a9911c669826ba5100
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MzF3D:i5nkFGMOtEvwDpjNbwQEqD
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_bbcfa420393ba88747997001a324df66_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-12_bbcfa420393ba88747997001a324df66_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up the country code configured in the registry, likely as a geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-