General
-
Target
2024-02-12_6d677c8e86b781bca2939fbbbeeaacbb_cryptolocker
-
Size
54KB
-
Sample
240212-v73cjsaf6s
-
MD5
6d677c8e86b781bca2939fbbbeeaacbb
-
SHA1
a8e723621ff537a29162426a41244a5e5d7c450f
-
SHA256
dfac611a742eeab1e6a0aac8010572927c6e35e81e91efdcd33d46ab6b0b0ffa
-
SHA512
a0fc2fbb9d86a89adc6721f0915178decc800555fa46244927a0c593c904422641f8c98e0c1363ff1d6db8499f7a2b05811a79ba3a4c44c749aa3ab486743979
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbP/MME:xj+VGMOtEvwDpjubXMME
Malware Config
Targets
-
-
Target
2024-02-12_6d677c8e86b781bca2939fbbbeeaacbb_cryptolocker
-
Size
54KB
-
MD5
6d677c8e86b781bca2939fbbbeeaacbb
-
SHA1
a8e723621ff537a29162426a41244a5e5d7c450f
-
SHA256
dfac611a742eeab1e6a0aac8010572927c6e35e81e91efdcd33d46ab6b0b0ffa
-
SHA512
a0fc2fbb9d86a89adc6721f0915178decc800555fa46244927a0c593c904422641f8c98e0c1363ff1d6db8499f7a2b05811a79ba3a4c44c749aa3ab486743979
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbP/MME:xj+VGMOtEvwDpjubXMME
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-