General
Target: 2024-02-20_1e13c7e7be93280ceee613559fdd36c5_cryptolocker
Size: 40KB
Sample: 240220-ldyylaeh72
MD5: 1e13c7e7be93280ceee613559fdd36c5
SHA1: 631e71ab268da5adc507827b2fdb1eade0a0310d
SHA256: d96204743eefab8fdb6c2e77b22a624b10ad7addf6bbf05a868e0cbd60857309
SHA512: 8aee0d443fe64f39e88afe65c1d485172688f46bb98d90e6b95299f12ef0eed682a434bd3525baea48b4ed2e18e728cb5554f51ca4302519e4617e1c1c98b718
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/fQ:6j+1NMOtEvwDpjrRHQ
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-20_1e13c7e7be93280ceee613559fdd36c5_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-20_1e13c7e7be93280ceee613559fdd36c5_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-20_1e13c7e7be93280ceee613559fdd36c5_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL