General
-
Target
2024-02-20_3e4001f46480f73f0d60a963afdddaac_cryptolocker
-
Size
64KB
-
Sample
240220-pnyblaga3z
-
MD5
3e4001f46480f73f0d60a963afdddaac
-
SHA1
cb44f6867e575e0139b05ca753ba14e7e1ebda38
-
SHA256
c8b1e02445bce880ebb9b97d92ade1b771b640237e2193bc1c23a39e7d14ff89
-
SHA512
cd5b4ed696bb449f34ed09b20764464f741b61772085a336d5e9c0fc7d0b7c5eccb0ff3418400dea6e7363a8aedddb2e8da741b236986499542be1116dbce553
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUIv:i5nkFGMOtEvwDpjNbwQEI8Uu
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-20_3e4001f46480f73f0d60a963afdddaac_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-20_3e4001f46480f73f0d60a963afdddaac_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-