General
-
Target
2024-02-25_ea31470be6563ea85f36253658f2bd47_cryptolocker
-
Size
42KB
-
Sample
240225-b4fvlahh32
-
MD5
ea31470be6563ea85f36253658f2bd47
-
SHA1
3a7addd648148f29aeda905746701c5bceacaf9b
-
SHA256
ccf41c1f395f65274453b627f85960e18e4201f9d03c1f306e934f1cd9ee83aa
-
SHA512
9294e386adf92f210edf780612c780ba1c5aaa76e8f97f9b383f12a3e4c26b35149eb1eca33d3aa64fd8f5010003ec45adfea2711f1859b4bfa3e8558d3ccc11
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvK4:6j+1NMOtEvwDpjr8hK4
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-25_ea31470be6563ea85f36253658f2bd47_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-25_ea31470be6563ea85f36253658f2bd47_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
Target
2024-02-25_ea31470be6563ea85f36253658f2bd47_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-