General
-
Target
2024-02-28_2c742964bab78bd9c38a97bb4274f0b6_cryptolocker
-
Size
63KB
-
Sample
240228-mknlwahd6t
-
MD5
2c742964bab78bd9c38a97bb4274f0b6
-
SHA1
552e3303e2851eaec7a5bfd085967e0daa3ed288
-
SHA256
1907ef76d387bda17c6c7c82c4204761f1475ec214222a9b799859d4fb26d3b7
-
SHA512
1dcd250f21af3a2aff3fd2d670061719ce4d54805a7eec43d62d157d160a834692d5ee76b110eb19c74b1e6cf0574e90739fb8cab399f698dcd042853187603f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEISuq:6j+1NMOtEvwDpjr8ox8UDE39
Malware Config
Targets
-
-
Target
2024-02-28_2c742964bab78bd9c38a97bb4274f0b6_cryptolocker
-
Size
63KB
-
MD5
2c742964bab78bd9c38a97bb4274f0b6
-
SHA1
552e3303e2851eaec7a5bfd085967e0daa3ed288
-
SHA256
1907ef76d387bda17c6c7c82c4204761f1475ec214222a9b799859d4fb26d3b7
-
SHA512
1dcd250f21af3a2aff3fd2d670061719ce4d54805a7eec43d62d157d160a834692d5ee76b110eb19c74b1e6cf0574e90739fb8cab399f698dcd042853187603f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEISuq:6j+1NMOtEvwDpjr8ox8UDE39
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-