General
-
Target
2024-02-14_92eea5569cf7fe1f4564a27317980917_cryptolocker
-
Size
51KB
-
Sample
240214-rc6vpscf31
-
MD5
92eea5569cf7fe1f4564a27317980917
-
SHA1
382c953d2f047e37ed5cc0f06c533f4f34d0af6e
-
SHA256
343934a04072f39c597841daf8302971d351e373f2573f847edaac1f98283451
-
SHA512
d441e73c7b3d804b5ffe37ee7e2477ca93658e9abc38fc4f8df7b67345f0521e41ad495b2bc5769ff87133c2f663a6dd70b89f27392335630497811598310f9b
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyQ:BbdDmjr+OtEvwDpjMT
Malware Config
Targets
-
-
Target
2024-02-14_92eea5569cf7fe1f4564a27317980917_cryptolocker
-
Size
51KB
-
MD5
92eea5569cf7fe1f4564a27317980917
-
SHA1
382c953d2f047e37ed5cc0f06c533f4f34d0af6e
-
SHA256
343934a04072f39c597841daf8302971d351e373f2573f847edaac1f98283451
-
SHA512
d441e73c7b3d804b5ffe37ee7e2477ca93658e9abc38fc4f8df7b67345f0521e41ad495b2bc5769ff87133c2f663a6dd70b89f27392335630497811598310f9b
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyQ:BbdDmjr+OtEvwDpjMT
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-