General
-
Target
2024-02-19_5ba4be7cdaf1858cc62a93aaec999559_cryptolocker
-
Size
63KB
-
Sample
240219-1flhlsdf7v
-
MD5
5ba4be7cdaf1858cc62a93aaec999559
-
SHA1
1c73d1e3427fe6b02cf0a84b87774ad746f03a5c
-
SHA256
47241e4cf0f3f76d33c0e73a8c6758d7eea60be0e72a210a7617b47a604e8f02
-
SHA512
fb4683ca44889a0835f833dd650a4671c57a61988f46515848ed8b89c98334338b5574e61ddf56d9158245b18ff5fbc2775e13d9a95b07052c085c114e84dfad
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEMR8:6j+1NMOtEvwDpjr8ox8UDEq8
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-19_5ba4be7cdaf1858cc62a93aaec999559_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-19_5ba4be7cdaf1858cc62a93aaec999559_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-19_5ba4be7cdaf1858cc62a93aaec999559_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-