General
-
Target
2024-03-11_4d858e3f434a4cc64e1ab197a199e594_cryptolocker
-
Size
39KB
-
Sample
240311-3exklahd7x
-
MD5
4d858e3f434a4cc64e1ab197a199e594
-
SHA1
91898de39a4d5e65cd189247891a7282d5cf29aa
-
SHA256
9bc04c729a9413d451f38ca7787cb39906c6dcc06d9aff818fe7d57253484b43
-
SHA512
9895bafce2052f7f58473e69af22570efc5b24777109b6def5e949ab2fd457dc4349935148555a63579847ddc4d98e5bdda36b32857b4c5e514dc8b04805ae44
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnYY:m5nkFNMOtEvwDpjG8hgpYY
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-11_4d858e3f434a4cc64e1ab197a199e594_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-11_4d858e3f434a4cc64e1ab197a199e594_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-03-11_4d858e3f434a4cc64e1ab197a199e594_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-