General
Target: 2024-02-25_f354b41624c1a2b13ae674d70239f59c_cryptolocker
Size: 46KB
Sample: 240225-kjw6hsgf2z
MD5: f354b41624c1a2b13ae674d70239f59c
SHA1: 8a29612123250757ea1101c6957b98744baf1083
SHA256: 2320661f2077752acc080deb546d489621e45b5602ba33b32c94d0628ce48d92
SHA512: 2d4943fe4afbfba1f146c38e29b56a55678ed2c2878ce2135c81ba4f9dfdc42f6c15e47c232a5e477c64723ad31a2d7656abf0f52e8c547176394e0efa85ec74
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvgpnq:6j+1NMOtEvwDpjr8hgpq
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-25_f354b41624c1a2b13ae674d70239f59c_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-25_f354b41624c1a2b13ae674d70239f59c_cryptolocker.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Target: 2024-02-25_f354b41624c1a2b13ae674d70239f59c_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL