General
-
Target
2024-02-22_0c067950fa1e548a69e568ff7a53f532_cryptolocker
-
Size
40KB
-
Sample
240222-kcnwkaef2v
-
MD5
0c067950fa1e548a69e568ff7a53f532
-
SHA1
1092733cb9b35e18cc5a5a3630505a4ba0bf7a62
-
SHA256
caad8a341f7bc4f28b033b5985445bae7f852a276f76bbbaa2d7b40dcf44e87d
-
SHA512
52bf3f999ef4c12423baf7eeb5509d96e848a6877797eabb2c8038ab5a19f77a11fc7fc3d7bab75b40a24fce3359a3c3ccae3b4692d015fca98a0427afbba7f4
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFR19T:m5nkFNMOtEvwDpjG8hhX3B
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-22_0c067950fa1e548a69e568ff7a53f532_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-02-22_0c067950fa1e548a69e568ff7a53f532_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
Target
2024-02-22_0c067950fa1e548a69e568ff7a53f532_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-