General
-
Target
2024-02-12_893ae78e64da7b7a4b659a757ba4a09b_cryptolocker
-
Size
85KB
-
Sample
240212-yvmywabd8y
-
MD5
893ae78e64da7b7a4b659a757ba4a09b
-
SHA1
120dae6cd45b3c6042cc130e22c069441c7c72e7
-
SHA256
baa615277dcd2bf722f0e4c6505b9621fe320a541cce8653b8ff1e9b32bc4de7
-
SHA512
eefed70d5034344a519af0c967a392100f5bb11c26f683e70327b73e7cae28c3aa3257384443cfd88994de86fffeab8d4f08cae2767a123a09f33ce4484ba3da
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvxpRm:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8E
Malware Config
Targets
-
-
Target
2024-02-12_893ae78e64da7b7a4b659a757ba4a09b_cryptolocker
-
Size
85KB
-
MD5
893ae78e64da7b7a4b659a757ba4a09b
-
SHA1
120dae6cd45b3c6042cc130e22c069441c7c72e7
-
SHA256
baa615277dcd2bf722f0e4c6505b9621fe320a541cce8653b8ff1e9b32bc4de7
-
SHA512
eefed70d5034344a519af0c967a392100f5bb11c26f683e70327b73e7cae28c3aa3257384443cfd88994de86fffeab8d4f08cae2767a123a09f33ce4484ba3da
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvxpRm:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8E
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-