General
-
Target
2024-02-18_e5dbb08e6d04232d1c8e826a05a52374_cryptolocker
-
Size
31KB
-
Sample
240218-wrz3xsdg77
-
MD5
e5dbb08e6d04232d1c8e826a05a52374
-
SHA1
df95d741eb9c6e5ce34f7ca2e406ed9f048421fe
-
SHA256
75f1f72948625dbf884e520ab17d137f3f0106b8cfe84cff6901a44ca19c6591
-
SHA512
fa185ad308ed09cfbf2157756c4f84c4e3230a0d66f3e566b5b72f571c13e59804945743656798fe9432decb3eefe2650b8d6012c6bc2fbffc61afcf0d4c3efb
-
SSDEEP
768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tH3MW:q0zizzOSxMOtEvwDpj/arqp
Malware Config
Targets
-
-
Target
2024-02-18_e5dbb08e6d04232d1c8e826a05a52374_cryptolocker
-
Size
31KB
-
MD5
e5dbb08e6d04232d1c8e826a05a52374
-
SHA1
df95d741eb9c6e5ce34f7ca2e406ed9f048421fe
-
SHA256
75f1f72948625dbf884e520ab17d137f3f0106b8cfe84cff6901a44ca19c6591
-
SHA512
fa185ad308ed09cfbf2157756c4f84c4e3230a0d66f3e566b5b72f571c13e59804945743656798fe9432decb3eefe2650b8d6012c6bc2fbffc61afcf0d4c3efb
-
SSDEEP
768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tH3MW:q0zizzOSxMOtEvwDpj/arqp
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-