General
-
Target
2024-03-15_3b8dd27b55548c2619c3ea7596d4cac4_cryptolocker
-
Size
50KB
-
Sample
240315-mekb9sgb95
-
MD5
3b8dd27b55548c2619c3ea7596d4cac4
-
SHA1
b17822fac35458ea9ab4e9da870e4fe40c0b771f
-
SHA256
123e4fbd59d121dd645b9465edef08695af366aac3cdafdfe9e663f28c48f855
-
SHA512
3bb7336c22f44554f86fcbb01fa2b1f42ac9b4a0d1bf999296ec8fe0ce319847be57af9ddd40ece258fe0ff1eb95d806b07c44272a7c5ea92fc7b37386127ff6
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvgpnuQ3SzjGk:6j+1NMOtEvwDpjr8hgpuQ3w
Malware Config
Targets
-
-
Target
2024-03-15_3b8dd27b55548c2619c3ea7596d4cac4_cryptolocker
-
Size
50KB
-
MD5
3b8dd27b55548c2619c3ea7596d4cac4
-
SHA1
b17822fac35458ea9ab4e9da870e4fe40c0b771f
-
SHA256
123e4fbd59d121dd645b9465edef08695af366aac3cdafdfe9e663f28c48f855
-
SHA512
3bb7336c22f44554f86fcbb01fa2b1f42ac9b4a0d1bf999296ec8fe0ce319847be57af9ddd40ece258fe0ff1eb95d806b07c44272a7c5ea92fc7b37386127ff6
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvgpnuQ3SzjGk:6j+1NMOtEvwDpjr8hgpuQ3w
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-