General
-
Target
2024-02-24_d2f19a779a0a49967d1c67cae92ac45c_cryptolocker
-
Size
63KB
-
Sample
240224-fx9asabb8s
-
MD5
d2f19a779a0a49967d1c67cae92ac45c
-
SHA1
b1b797d26c48b26b252f51b876f6bb0e12f920d8
-
SHA256
c0d6f54d49a5ef2c91952f968d180b0b7a655a996fc55cbdd6a0984fb9a6e1e8
-
SHA512
933c011cb5e9aa8220db36f8ef5aa28a3853f8bf12347bf502a08dbe5aa986e053c5a60a7beb3e1c0f7f670331542107eff94d3476048d8f59d759e49f8b2210
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjY6UR:1nK6a+qdOOtEvwDpjM
Malware Config
Targets
-
-
Target
2024-02-24_d2f19a779a0a49967d1c67cae92ac45c_cryptolocker
-
Size
63KB
-
MD5
d2f19a779a0a49967d1c67cae92ac45c
-
SHA1
b1b797d26c48b26b252f51b876f6bb0e12f920d8
-
SHA256
c0d6f54d49a5ef2c91952f968d180b0b7a655a996fc55cbdd6a0984fb9a6e1e8
-
SHA512
933c011cb5e9aa8220db36f8ef5aa28a3853f8bf12347bf502a08dbe5aa986e053c5a60a7beb3e1c0f7f670331542107eff94d3476048d8f59d759e49f8b2210
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjY6UR:1nK6a+qdOOtEvwDpjM
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-