General
-
Target
2024-03-09_356f1f9618ad97400cd73d187d106956_cryptolocker
-
Size
54KB
-
Sample
240309-rttxgahh36
-
MD5
356f1f9618ad97400cd73d187d106956
-
SHA1
da2834f75408b47e7bd4a5b46cea15556775535b
-
SHA256
54f6316d68a405fd76ff17d65c16c590faba691a4fa4e173e11f3b154d5ad8ab
-
SHA512
2a4e8bd4bc4309dbc800296f4034b771bd9220b9f6a48922e951a5e179f0bfe9086515789c89d687acc05f2a52b750fb3c21d0bbb3308f9896a7e7472c0a0e5c
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz75YS3:6j+1NMOtEvwDpjr8oxEnYS3
Malware Config
Targets
-
-
Target
2024-03-09_356f1f9618ad97400cd73d187d106956_cryptolocker
-
Size
54KB
-
MD5
356f1f9618ad97400cd73d187d106956
-
SHA1
da2834f75408b47e7bd4a5b46cea15556775535b
-
SHA256
54f6316d68a405fd76ff17d65c16c590faba691a4fa4e173e11f3b154d5ad8ab
-
SHA512
2a4e8bd4bc4309dbc800296f4034b771bd9220b9f6a48922e951a5e179f0bfe9086515789c89d687acc05f2a52b750fb3c21d0bbb3308f9896a7e7472c0a0e5c
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz75YS3:6j+1NMOtEvwDpjr8oxEnYS3
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-