General
-
Target
2024-03-06_e85b2e1dcd64f8cd95418f454823852d_cryptolocker
-
Size
64KB
-
Sample
240306-tbnzlscg2v
-
MD5
e85b2e1dcd64f8cd95418f454823852d
-
SHA1
6f588950b9a68dc81a26c9e6b6769c78d8a161a6
-
SHA256
21b51f6fe37db78b953f05ce0c8a9bee911d19788cdf6ffcc8f8aa4b8e92acaa
-
SHA512
3c2bdd9e7a97b790b89ebf8c38df2677b25830453c5957519ad77184fa16187c98b8e244b6a0e8af4bf56105ea727d2f480be1236a8459652d4c5b2bc0bb13b0
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEO10HP:6j+1NMOtEvwDpjr8ox8UDEy0v
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-06_e85b2e1dcd64f8cd95418f454823852d_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-06_e85b2e1dcd64f8cd95418f454823852d_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-06_e85b2e1dcd64f8cd95418f454823852d_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-