General
-
Target
2024-03-09_c39b6612774c49c3338daa7951585847_cryptolocker
-
Size
39KB
-
Sample
240309-s5mszacb2z
-
MD5
c39b6612774c49c3338daa7951585847
-
SHA1
107a2ed7fcc0d66f2db0ac5c6fdd91da0faedb74
-
SHA256
e4ab4b6931f6bc998a545ab00f28dffacb0408ab67c5b7c25a3e605d45933264
-
SHA512
1f798a64910653d49a9fb853725ee13476196d9f300ccad22ee02246e525bce6c9c6aca16532cf5acf78d11eb1565de52d9154f85701b07eb7d9d156de0aacb1
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnYX:m5nkFNMOtEvwDpjG8hgpYX
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-09_c39b6612774c49c3338daa7951585847_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-09_c39b6612774c49c3338daa7951585847_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-09_c39b6612774c49c3338daa7951585847_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-