General
-
Target
2024-03-10_fcd21559d1da1186c7b8d08c73e2a5ae_cryptolocker
-
Size
39KB
-
Sample
240310-hdggrsed74
-
MD5
fcd21559d1da1186c7b8d08c73e2a5ae
-
SHA1
3d316de3a5897b97cb4077e8fbbfb0b7cfb4849f
-
SHA256
a57d882e5729b39345aeb89ec4618ecccd8d7924690eb39b1c2875d476b90116
-
SHA512
166af42c1dd72b8e1736e9be3ba6c0fc7113c7ff64a65b600b1c90b4f2ac5e6236761b5fe303783e04c188e2c2913e4f3f5e321793775cc3215a2f8616ab3b07
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnYd:m5nkFNMOtEvwDpjG8hgpYd
Malware Config
Targets
-
-
Target
2024-03-10_fcd21559d1da1186c7b8d08c73e2a5ae_cryptolocker
-
Size
39KB
-
MD5
fcd21559d1da1186c7b8d08c73e2a5ae
-
SHA1
3d316de3a5897b97cb4077e8fbbfb0b7cfb4849f
-
SHA256
a57d882e5729b39345aeb89ec4618ecccd8d7924690eb39b1c2875d476b90116
-
SHA512
166af42c1dd72b8e1736e9be3ba6c0fc7113c7ff64a65b600b1c90b4f2ac5e6236761b5fe303783e04c188e2c2913e4f3f5e321793775cc3215a2f8616ab3b07
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnYd:m5nkFNMOtEvwDpjG8hgpYd
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-