General
-
Target
2024-02-17_a59c7268dabdb68f7901a91ecc6d42d3_cryptolocker
-
Size
44KB
-
Sample
240217-2v9pesca77
-
MD5
a59c7268dabdb68f7901a91ecc6d42d3
-
SHA1
1088b7dadcba521d94149ecb6924bcffbe7bc426
-
SHA256
cbc6f31442b7b1a15bc34d1f7c0f0067e790d125058244626d7907ceb8c8c644
-
SHA512
adc1b88c4314c7bf59b45c0650a9f123475283addfc685c55332c0e4fdc3159ac7d58e6469252fc79bbcc4a44fe54ba216c97dc5785f39fa3c5bb3d77b6ee90a
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05Wpd:qmbhXDmjr5MOtEvwDpj5cDtKkQZQC
Malware Config
Targets
-
-
Target
2024-02-17_a59c7268dabdb68f7901a91ecc6d42d3_cryptolocker
-
Size
44KB
-
MD5
a59c7268dabdb68f7901a91ecc6d42d3
-
SHA1
1088b7dadcba521d94149ecb6924bcffbe7bc426
-
SHA256
cbc6f31442b7b1a15bc34d1f7c0f0067e790d125058244626d7907ceb8c8c644
-
SHA512
adc1b88c4314c7bf59b45c0650a9f123475283addfc685c55332c0e4fdc3159ac7d58e6469252fc79bbcc4a44fe54ba216c97dc5785f39fa3c5bb3d77b6ee90a
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05Wpd:qmbhXDmjr5MOtEvwDpj5cDtKkQZQC
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-