General
-
Target
2024-02-18_65f2ab10b133c7cb12b7902b7efbc099_cryptolocker
-
Size
40KB
-
Sample
240218-pqletaad98
-
MD5
65f2ab10b133c7cb12b7902b7efbc099
-
SHA1
55c2a9c69c57e4a7d4c7f192e13f8c90b5e0bbeb
-
SHA256
4826c93721d78ec414d247adab8624d7236764e3dbe19df266202b444ec046e9
-
SHA512
37e9fb2c7930e95358786a43c96e356f0a7bcf05af2dc685e64094b4c3f4822a2c616a45ed24b2e1d55d06f59b554168af5a0bc0123ac380047a24b792dbeaf2
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CyY2:6j+1NMOtEvwDpjrRB
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-18_65f2ab10b133c7cb12b7902b7efbc099_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-18_65f2ab10b133c7cb12b7902b7efbc099_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-18_65f2ab10b133c7cb12b7902b7efbc099_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-