General
-
Target
2024-02-19_600442feb483bad91f3142e381ef1a1a_cryptolocker
-
Size
91KB
-
Sample
240219-t4hy3agg93
-
MD5
600442feb483bad91f3142e381ef1a1a
-
SHA1
bf9db6fac5bfc98291202cf53ea9b474e99b9017
-
SHA256
329dfbe138cdbaf7b750c3310f3e3384446c8130f061baf7d8ff18f1c39e5aed
-
SHA512
531f3c4212d1b48c3dc1e9d14d4e1aa10f83cdb773759e46d021cf327120c4e242a79d7d6305f48bb6f2e1d5e5a4f0f2e80a8c3a21105f1ea20b5520d78988fe
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRMy87UvK:zCsanOtEvwDpjP
Malware Config
Targets
-
-
Target
2024-02-19_600442feb483bad91f3142e381ef1a1a_cryptolocker
-
Size
91KB
-
MD5
600442feb483bad91f3142e381ef1a1a
-
SHA1
bf9db6fac5bfc98291202cf53ea9b474e99b9017
-
SHA256
329dfbe138cdbaf7b750c3310f3e3384446c8130f061baf7d8ff18f1c39e5aed
-
SHA512
531f3c4212d1b48c3dc1e9d14d4e1aa10f83cdb773759e46d021cf327120c4e242a79d7d6305f48bb6f2e1d5e5a4f0f2e80a8c3a21105f1ea20b5520d78988fe
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRMy87UvK:zCsanOtEvwDpjP
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-