General
-
Target
2024-03-08_c4d53913d6e5ea505ca4062bbcd24698_cryptolocker
-
Size
37KB
-
Sample
240308-yh9bcafe5v
-
MD5
c4d53913d6e5ea505ca4062bbcd24698
-
SHA1
6cc8da88dd06f8d82d681cfee1195dd11a99b35e
-
SHA256
526dee2187a53decde53d1e7fe186c68a7150a5277fe9bd8d8d810ea25e60063
-
SHA512
770ed132aacaf9cac07e97b32c6079d3229e8e4a08b56ab2755533f7bc26a35f37b1815febb308f45a7f6ca0834d4ba39f77a5ef8473604699b55b31bc2b7b39
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnv/uY:m5nkFNMOtEvwDpjG8h9
Malware Config
Targets
-
-
Target
2024-03-08_c4d53913d6e5ea505ca4062bbcd24698_cryptolocker
-
Size
37KB
-
MD5
c4d53913d6e5ea505ca4062bbcd24698
-
SHA1
6cc8da88dd06f8d82d681cfee1195dd11a99b35e
-
SHA256
526dee2187a53decde53d1e7fe186c68a7150a5277fe9bd8d8d810ea25e60063
-
SHA512
770ed132aacaf9cac07e97b32c6079d3229e8e4a08b56ab2755533f7bc26a35f37b1815febb308f45a7f6ca0834d4ba39f77a5ef8473604699b55b31bc2b7b39
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnv/uY:m5nkFNMOtEvwDpjG8h9
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-