General
-
Target
2024-03-05_66e9f9a3f578b98dcf14539f8077a2de_cryptolocker
-
Size
34KB
-
Sample
240305-w5d3lsef77
-
MD5
66e9f9a3f578b98dcf14539f8077a2de
-
SHA1
f060d8985cc1aa7e220bfebff82a0f3a96ac86ff
-
SHA256
02694e62b418315ac19a4aabf099d7f349312e74ca884ec0613d6a7f3ecb4626
-
SHA512
f82459595d450cbe87951f65b936affb4766e59b0aaaa1b0da65a7edecc3b0f7f206504947a26db12f9841e412f40a6822f99914393d0ffc22f31a1b5d66bec6
-
SSDEEP
768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axKuiJ:qUmnpomddpMOtEvwDpjjaYadY
Behavioral task
behavioral1
Sample
2024-03-05_66e9f9a3f578b98dcf14539f8077a2de_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-05_66e9f9a3f578b98dcf14539f8077a2de_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-05_66e9f9a3f578b98dcf14539f8077a2de_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-