General
-
Target
2024-02-28_0f31a4c7325bf3d0f69e963646f250be_cryptolocker
-
Size
47KB
-
Sample
240228-y79neach7y
-
MD5
0f31a4c7325bf3d0f69e963646f250be
-
SHA1
975185ec71c9dc12dc2ca1019940d5d2704bb52c
-
SHA256
ce3a38d2f2acd97ca277f95d595b095a1fd9255a925bd07e8fce9dec96d35c70
-
SHA512
1c20eab3ac7ea3d279d24d17b80c7d175917c8ffdc5e87c5b8636e3b944bfdb69751961be7d8c1ca4a92749ebfd2362e98fa81aad260673cd7d17afce23465b3
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mo2pZ:qmbhXDmjr5MOtEvwDpj5cDtKkQZQE
Malware Config
Targets
-
-
Target
2024-02-28_0f31a4c7325bf3d0f69e963646f250be_cryptolocker
-
Size
47KB
-
MD5
0f31a4c7325bf3d0f69e963646f250be
-
SHA1
975185ec71c9dc12dc2ca1019940d5d2704bb52c
-
SHA256
ce3a38d2f2acd97ca277f95d595b095a1fd9255a925bd07e8fce9dec96d35c70
-
SHA512
1c20eab3ac7ea3d279d24d17b80c7d175917c8ffdc5e87c5b8636e3b944bfdb69751961be7d8c1ca4a92749ebfd2362e98fa81aad260673cd7d17afce23465b3
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mo2pZ:qmbhXDmjr5MOtEvwDpj5cDtKkQZQE
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-