General
-
Target
2024-02-17_6cf92e6179e6b9b45ec361b60b1f126f_cryptolocker
-
Size
64KB
-
Sample
240217-2p2fvsca33
-
MD5
6cf92e6179e6b9b45ec361b60b1f126f
-
SHA1
23ed74d2b2d6b136e83bfaeba37f1ffcac846dfa
-
SHA256
79ed23f9acc935843529f5e341c12a3f890819c023f99102220e7950fe6fc4ac
-
SHA512
e37bdcb671276b49b539faaae3c7ac19da6c08f967d690c8c47353bcb595c84f70f2c4aca3b245b073c08e0435facc00cec5fcd42d20a0499fed9bd8a7c35401
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xm:6j+1NMOtEvwDpjr8ox8UDEpN/M
Malware Config
Targets
-
-
Target
2024-02-17_6cf92e6179e6b9b45ec361b60b1f126f_cryptolocker
-
Size
64KB
-
MD5
6cf92e6179e6b9b45ec361b60b1f126f
-
SHA1
23ed74d2b2d6b136e83bfaeba37f1ffcac846dfa
-
SHA256
79ed23f9acc935843529f5e341c12a3f890819c023f99102220e7950fe6fc4ac
-
SHA512
e37bdcb671276b49b539faaae3c7ac19da6c08f967d690c8c47353bcb595c84f70f2c4aca3b245b073c08e0435facc00cec5fcd42d20a0499fed9bd8a7c35401
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpE0P/xm:6j+1NMOtEvwDpjr8ox8UDEpN/M
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-