General
Target: 2024-03-05_14c19e05a8604bd89cf2769e22e125ca_cryptolocker
Size: 39KB
Sample: 240305-x6cfvafa4v
MD5: 14c19e05a8604bd89cf2769e22e125ca
SHA1: 97bb82f06676367ff31e35f75c90c51a01b9d05a
SHA256: 6fce369fe1442ee1275df114bae4b8ff764f0c692ed198c5a79d01dc59f497a9
SHA512: 155604bcf63ab8306120f169dc384fbb9666573fe82c2e755f143338183e9e08cc57fc90f8a9019f35f85b19e53efde1fc0e866cb977f43de83f0c0cb56bfae2
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yszOz:i5nkFGMOtEvwDpjR+viD0
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-05_14c19e05a8604bd89cf2769e22e125ca_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-05_14c19e05a8604bd89cf2769e22e125ca_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-05_14c19e05a8604bd89cf2769e22e125ca_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL