General
Target: 2024-02-17_bb99f3dec83e3def99cbeb51957adf11_cryptolocker
Size: 100KB
Sample: 240217-2xm87sbe5v
MD5: bb99f3dec83e3def99cbeb51957adf11
SHA1: 85a513a3ca5934be90db1f0da07615c3c81defba
SHA256: 49a4011cce0deb8b8cb11ce44f0b5ce95c966d255d7be3b03e0c1fd1a5901565
SHA512: bfeeeaaa4dcf1908a5c85df6a2078701c65fdc8ab0b31857a43d877d5b23de04741b368ee42a4b95254ecce9e2cde8f9a8b8071821a19dea87f4f03ac909fd25
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRiWjzUNu5y:i5nkFGMOtEvwDpjNbwQEIikgNj
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-17_bb99f3dec83e3def99cbeb51957adf11_cryptolocker.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-17_bb99f3dec83e3def99cbeb51957adf11_cryptolocker.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-17_bb99f3dec83e3def99cbeb51957adf11_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL