General
-
Target
2024-02-24_a4a9a98f2b535166aa20fa3cecb5a79f_cryptolocker
-
Size
87KB
-
Sample
240224-fpzflsaa87
-
MD5
a4a9a98f2b535166aa20fa3cecb5a79f
-
SHA1
7e904a7fdece5d8acef7ada2fd34395251887c80
-
SHA256
d3951680238213ec00a47e581fdafbe6e97b924510971976faf28e948664ccb4
-
SHA512
76531cf26bb031e2f25d4ebbf5493f5f5c6a1cdb04459b51657003152531bc15beda565a1c2191557328e09812802f77b118315d30ca1ecc2aa3d46365765312
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgSh:AnBdOOtEvwDpj6zs
Behavioral task
behavioral1
Sample
2024-02-24_a4a9a98f2b535166aa20fa3cecb5a79f_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-24_a4a9a98f2b535166aa20fa3cecb5a79f_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-24_a4a9a98f2b535166aa20fa3cecb5a79f_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-