General
Target: 2024-02-28_9863ac1b8072dc9c76babc18ccf80c02_cryptolocker
Size: 107KB
Sample: 240228-p4frgsca53
MD5: 9863ac1b8072dc9c76babc18ccf80c02
SHA1: c391bf420b9222b921d0627bd3e0a1369952e638
SHA256: 2b6bfb450d95989450c82edc6adb52df9ce708435a230c74c0edfd191f083a27
SHA512: 5cda53d34017bb1a8c4e73a1a64bc6475e7b7855ec0fc10eeb37b995591c8151dddccae405c1a438331bf7d24ef35bac90ed6e26a6326adbfe787eebaf9eef7c
SSDEEP: 1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwMgc:z6a+CdOOtEvwDpjczI
Behavioral task: behavioral1
Sample: 2024-02-28_9863ac1b8072dc9c76babc18ccf80c02_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-28_9863ac1b8072dc9c76babc18ccf80c02_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-02-28_9863ac1b8072dc9c76babc18ccf80c02_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL