General
-
Target
2024-03-13_f03a3622cb80c9f40773135bc3e85d0d_cryptolocker
-
Size
40KB
-
Sample
240313-vep7hsab7z
-
MD5
f03a3622cb80c9f40773135bc3e85d0d
-
SHA1
328b53ea3e431faaf7e0ff052b0cbf065b8a00f6
-
SHA256
16790ced1757ceb80b02c11e0db6b1dab337383b1fbe588132c46802855721de
-
SHA512
58ec1d0f5c88b05c329b9a9c7e6c4e650b667c7da6b1c75699529cbb93876d27af2b9f12c95435180d43ab6b6c6a7ac01d1f482b5464058ab2a01c93d82300a7
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlZcvf:b/pYayGig5HjS3jcH
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-13_f03a3622cb80c9f40773135bc3e85d0d_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-13_f03a3622cb80c9f40773135bc3e85d0d_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-