General
-
Target
2024-03-08_63a84885d816ab84921ffb92dd358b65_cryptolocker
-
Size
94KB
-
Sample
240308-g91d3she43
-
MD5
63a84885d816ab84921ffb92dd358b65
-
SHA1
e0be5f6f962b19e9a1db90783dbfca11e6d78e28
-
SHA256
5eb051c24989b665931c4adf7d187dc6acb2df9c590d0d4f836932db754c13a5
-
SHA512
60d487fc5f7bab40881c7598461e56e892e2cb80b8dbaa6649f15cd54fc0be9ddf5448798cfa36625997ec7fd1f33e38a35d998fbe0098b1e3568854d6892737
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJyqd3:xj+VGMOtEvwDpjubwQEIiVmkuq9
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-08_63a84885d816ab84921ffb92dd358b65_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-08_63a84885d816ab84921ffb92dd358b65_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-08_63a84885d816ab84921ffb92dd358b65_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-