General
Target: 2024-02-18_f001594afe1dc065b6687e50bf908015_cryptolocker
Size: 39KB
Sample: 240218-r9n16aca28
MD5: f001594afe1dc065b6687e50bf908015
SHA1: d5aa6df67c29d88d33d52100978e87bf6aa3c66b
SHA256: f15d69d8fb29d6428f64c7510a5f8ba3209d63c24fab3daa3aaa12d0082ae61d
SHA512: 527a3d613d45638700f9e923537f963855ad49217d047c8bea1542f89e3b5fd9956ecb0b40be99899f606f29cbd6ec1f0b2ace185ef543afa35608ec61403b11
SSDEEP: 768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFR1Y:m5nkFNMOtEvwDpjG8hhX3Y
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-18_f001594afe1dc065b6687e50bf908015_cryptolocker.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-18_f001594afe1dc065b6687e50bf908015_cryptolocker.exe
  Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 2024-02-18_f001594afe1dc065b6687e50bf908015_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL