General
-
Target
2024-03-08_c578d638b7efdc3f40893fafe2985444_cryptolocker
-
Size
41KB
-
Sample
240308-egdcqsff31
-
MD5
c578d638b7efdc3f40893fafe2985444
-
SHA1
d6369a6b6d3d1d413018f3df62012a952ffc1df1
-
SHA256
f64377f44d899f6bd9ad33c44319de1ebf107b48df96c71a1f35a97a61fd45d3
-
SHA512
e2ff915262aba711c8f5c1da0d688af1295ee0004e9c600add42a87040e583cdb7dffddb34c63c0f9ab98b467dcc7f01b0adb22fbd32f89286c239b4c2ecb57f
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRTC:m5nkFNMOtEvwDpjG8hhXg
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-08_c578d638b7efdc3f40893fafe2985444_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-08_c578d638b7efdc3f40893fafe2985444_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-03-08_c578d638b7efdc3f40893fafe2985444_cryptolocker
Score 9/10
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-