General
-
Target
2024-03-08_fe66539ef2ccb78c021d46b6d6a060bd_cryptolocker
-
Size
67KB
-
Sample
240308-g9t73aad4w
-
MD5
fe66539ef2ccb78c021d46b6d6a060bd
-
SHA1
63e38931e77680958130df0029e60fb26c324f5b
-
SHA256
384456e1683549f7ecddbb492b47607922aee2893ad38b2f842e2c8b7386cfb3
-
SHA512
5be920127d75159c6a47f57897309fc8e64e48fd6c1c6bef41d96bc1027d5076c7c2806d8cc2f9ba91fd2ab75a9383d54948997da79938c6cd738ea7ffcc5bfc
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj9aYaFAvCbDa6JU:z6a+CdOOtEvwDpjQHW
Malware Config
Targets
-
-
Target
2024-03-08_fe66539ef2ccb78c021d46b6d6a060bd_cryptolocker
-
Size
67KB
-
MD5
fe66539ef2ccb78c021d46b6d6a060bd
-
SHA1
63e38931e77680958130df0029e60fb26c324f5b
-
SHA256
384456e1683549f7ecddbb492b47607922aee2893ad38b2f842e2c8b7386cfb3
-
SHA512
5be920127d75159c6a47f57897309fc8e64e48fd6c1c6bef41d96bc1027d5076c7c2806d8cc2f9ba91fd2ab75a9383d54948997da79938c6cd738ea7ffcc5bfc
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj9aYaFAvCbDa6JU:z6a+CdOOtEvwDpjQHW
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-