General
-
Target
2024-02-24_a23f9545a3d19abdec9825f774a01844_cryptolocker
-
Size
40KB
-
Sample
240224-wlp1rsab82
-
MD5
a23f9545a3d19abdec9825f774a01844
-
SHA1
119b10fea96a4eaff24ed3860779da819b09ec0c
-
SHA256
4f3ca34b7189fbfc34a751ddf794f537cc99ce6804b5faecd2c2b38df1fce3ea
-
SHA512
65d6093bbdb850c33d20e90c6076e9a2625b3578cdc006218497d6e78a0f19d786eadbb1d84525ea31c1f4d9c6721ff9edb44c1b6ffab9b270b6a68173cd4b1f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CyYp:6j+1NMOtEvwDpjrRm
Malware Config
Targets
-
-
Target
2024-02-24_a23f9545a3d19abdec9825f774a01844_cryptolocker
-
Size
40KB
-
MD5
a23f9545a3d19abdec9825f774a01844
-
SHA1
119b10fea96a4eaff24ed3860779da819b09ec0c
-
SHA256
4f3ca34b7189fbfc34a751ddf794f537cc99ce6804b5faecd2c2b38df1fce3ea
-
SHA512
65d6093bbdb850c33d20e90c6076e9a2625b3578cdc006218497d6e78a0f19d786eadbb1d84525ea31c1f4d9c6721ff9edb44c1b6ffab9b270b6a68173cd4b1f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CyYp:6j+1NMOtEvwDpjrRm
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-