General
-
Target
2024-03-06_97b0767c1dfc4525767fdaf312caead2_cryptolocker
-
Size
40KB
-
Sample
240306-b79bbagh49
-
MD5
97b0767c1dfc4525767fdaf312caead2
-
SHA1
252823233e237b9817ef6eebfc9505591fb02429
-
SHA256
0c75e14ed8291ecf78bb38705ce426125c4017764414001f270f8e60a41a6399
-
SHA512
50f6fd94e6652c19f455b22496a1e135af6a9cd0e81a8e426e7694f787745497a7c324ff27395b974383d63a44a76802ac8970fe810543bbe4126939fd050da2
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFR1kbb:m5nkFNMOtEvwDpjG8hhX3kbb
Malware Config
Targets
-
-
Target
2024-03-06_97b0767c1dfc4525767fdaf312caead2_cryptolocker
-
Size
40KB
-
MD5
97b0767c1dfc4525767fdaf312caead2
-
SHA1
252823233e237b9817ef6eebfc9505591fb02429
-
SHA256
0c75e14ed8291ecf78bb38705ce426125c4017764414001f270f8e60a41a6399
-
SHA512
50f6fd94e6652c19f455b22496a1e135af6a9cd0e81a8e426e7694f787745497a7c324ff27395b974383d63a44a76802ac8970fe810543bbe4126939fd050da2
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFR1kbb:m5nkFNMOtEvwDpjG8hhX3kbb
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-