General
Target: 2024-02-18_55b96169916a544518b917a80e61c7c5_cryptolocker
Size: 40KB
Sample: 240218-zdxbnaef78
MD5: 55b96169916a544518b917a80e61c7c5
SHA1: 7ebf9d3e454dd9010ea9f3569cf36c2b1933c104
SHA256: b41874af68c9d9fc2f03aa9b2c7ebabfca9b28d027b4e51cd854904b686ff151
SHA512: d4542c5192d8d91489e12eba50f34a002b57cffd8d09e3ff2b14669e2eb0c6d02d4032c372ae930dee6b1535b9659bdd35f91d23deb52f3b8624a6f2b7576572
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKajna:6j+1NMOtEvwDpjroba
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-18_55b96169916a544518b917a80e61c7c5_cryptolocker.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-18_55b96169916a544518b917a80e61c7c5_cryptolocker.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-18_55b96169916a544518b917a80e61c7c5_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL