General
-
Target
2024-02-12_8eceb80b4cbcc25a5362f4b51aec2886_cryptolocker
-
Size
55KB
-
Sample
240212-yvzbxadb49
-
MD5
8eceb80b4cbcc25a5362f4b51aec2886
-
SHA1
7d6df5a6046552cfecee28b59bc4c98cde16a5ec
-
SHA256
882352168cd422e5ffd6fd3160ad288897f65cf3f77f9c4537e8da50c7a58d88
-
SHA512
bed29b3f3d3cf95af76e7d9ef4dc20753bc7cceed037e00de5941fba0e885fe0d9ac93ab314859fb3a8472cd96e99cbf3f05f38d3125be3c2b358c9d3bd04c96
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpLDWE:zj+soPSMOtEvwDpj4yD5
Malware Config
Targets
-
-
Target
2024-02-12_8eceb80b4cbcc25a5362f4b51aec2886_cryptolocker
-
Size
55KB
-
MD5
8eceb80b4cbcc25a5362f4b51aec2886
-
SHA1
7d6df5a6046552cfecee28b59bc4c98cde16a5ec
-
SHA256
882352168cd422e5ffd6fd3160ad288897f65cf3f77f9c4537e8da50c7a58d88
-
SHA512
bed29b3f3d3cf95af76e7d9ef4dc20753bc7cceed037e00de5941fba0e885fe0d9ac93ab314859fb3a8472cd96e99cbf3f05f38d3125be3c2b358c9d3bd04c96
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpLDWE:zj+soPSMOtEvwDpj4yD5
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-