General
-
Target
2024-02-13_b56f43da8c7e41998306c6cebb0d6a73_cryptolocker
-
Size
39KB
-
Sample
240213-ws51kafh77
-
MD5
b56f43da8c7e41998306c6cebb0d6a73
-
SHA1
3937ac574e5144612b7a46b085291a22c20888b4
-
SHA256
d41dcfb2e9339b7c0694baca3436044a76bafa5337bb664506eed7fa3c67700c
-
SHA512
4ca3cf2839a4e2610e7a1e8eb20b59dc9ecacbbeebb815b9f928426d667601276f658c9d0a3ba2bc37fb8db8052a366f0b31847de97822a8720724df97a83b5e
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLtldJQBgb:i5nkFGMOtEvwDpjn/JQI
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-13_b56f43da8c7e41998306c6cebb0d6a73_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-13_b56f43da8c7e41998306c6cebb0d6a73_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-02-13_b56f43da8c7e41998306c6cebb0d6a73_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-