General
-
Target
2024-02-17_953282692186a8cfd4a7e67a8370dfe9_cryptolocker
-
Size
65KB
-
Sample
240217-2twfeaca65
-
MD5
953282692186a8cfd4a7e67a8370dfe9
-
SHA1
8bc10dc5930795156d6509f4c200216d4ecb729d
-
SHA256
b1d2dfe8c8528bd6e4533ed7ff8f44952c709433defb9ec24852e463d4a318df
-
SHA512
50af2e9e3f6e624cade2e3a8470b85bf796effb5b60f9fd05c56b2314e979d9c8118818fc1d45a7f54bcd338a2b36f9bd7dbfebf690fb38feb0317b70618c85f
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD:i5nkFGMOtEvwDpjNbwQEI8UZD
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-17_953282692186a8cfd4a7e67a8370dfe9_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-17_953282692186a8cfd4a7e67a8370dfe9_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
2024-02-17_953282692186a8cfd4a7e67a8370dfe9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-