General
-
Target
2024-02-12_6119c1f320395ce8a6990e72beff431c_cryptolocker
-
Size
40KB
-
Sample
240212-y8kexabf31
-
MD5
6119c1f320395ce8a6990e72beff431c
-
SHA1
ac98a54b2fc93ceab9dd4102a0542be8ffbe2a18
-
SHA256
d5e6294d6f68572218bbbb9ee88dc5104f9a0b50457c18ef9564a11be406e8a5
-
SHA512
2ab329b04bc34a142ed70b6c2a7dec29e066cf747397fe6dd5c1f298d580403f9b62d63a975b55df48f3a373a2d41fa47fa46c0f861db5c87e06390c32a00d33
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/f5:6j+1NMOtEvwDpjrRH5
Malware Config
Targets
-
-
Target
2024-02-12_6119c1f320395ce8a6990e72beff431c_cryptolocker
-
Size
40KB
-
MD5
6119c1f320395ce8a6990e72beff431c
-
SHA1
ac98a54b2fc93ceab9dd4102a0542be8ffbe2a18
-
SHA256
d5e6294d6f68572218bbbb9ee88dc5104f9a0b50457c18ef9564a11be406e8a5
-
SHA512
2ab329b04bc34a142ed70b6c2a7dec29e066cf747397fe6dd5c1f298d580403f9b62d63a975b55df48f3a373a2d41fa47fa46c0f861db5c87e06390c32a00d33
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/f5:6j+1NMOtEvwDpjrRH5
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-