General
-
Target
2024-02-19_8be39f9fbba0598426070ef2440a9eed_cryptolocker
-
Size
38KB
-
Sample
240219-1le8sadh3t
-
MD5
8be39f9fbba0598426070ef2440a9eed
-
SHA1
ff0e91607bc2ca054f37cc385013e0276efa2fbf
-
SHA256
bfe60b0313a53a7df41b6aa15c9fc694b62c8e5691296b37575f9ccf35508145
-
SHA512
51bc0f3ede02f9793ed04a3e76f222edb2e11059354bf4c0e2d2527d9d71b2f3d5752a8e25dddf2ae07eb9cd0637200afd82bba5912d95e435aa1f9da5e3c597
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLtldJQgY:i5nkFGMOtEvwDpjn/JQgY
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-19_8be39f9fbba0598426070ef2440a9eed_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-02-19_8be39f9fbba0598426070ef2440a9eed_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-19_8be39f9fbba0598426070ef2440a9eed_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-