General
-
Target
2024-02-19_c30a20c24bf499e9186c331e68c8c39f_cryptolocker
-
Size
57KB
-
Sample
240219-1rqxgaef64
-
MD5
c30a20c24bf499e9186c331e68c8c39f
-
SHA1
208917eaa64bac72cf1cb38345cd6e603fe53ee5
-
SHA256
39dd2a64d32f49bcb21f156b0e67d38b7d29ee11ef9c9e1ea8a6aab8293376a1
-
SHA512
956d8706a26fb84efe8e4779b3826acdc74c4ec0d6bcb643d01d88bcd95024b35f4acf8530ae739123cc8c1bea2f66ac1a7ac747e74018bf5a826be4b898a906
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpyl:zj+soPSMOtEvwDpj4yA
Malware Config
Targets
-
-
Target
2024-02-19_c30a20c24bf499e9186c331e68c8c39f_cryptolocker
-
Size
57KB
-
MD5
c30a20c24bf499e9186c331e68c8c39f
-
SHA1
208917eaa64bac72cf1cb38345cd6e603fe53ee5
-
SHA256
39dd2a64d32f49bcb21f156b0e67d38b7d29ee11ef9c9e1ea8a6aab8293376a1
-
SHA512
956d8706a26fb84efe8e4779b3826acdc74c4ec0d6bcb643d01d88bcd95024b35f4acf8530ae739123cc8c1bea2f66ac1a7ac747e74018bf5a826be4b898a906
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpyl:zj+soPSMOtEvwDpj4yA
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-