General
-
Target
2024-03-18_a5d29efcccee91af55ee0f9169517ee9_cryptolocker
-
Size
66KB
-
Sample
240318-3j458scd2z
-
MD5
a5d29efcccee91af55ee0f9169517ee9
-
SHA1
2b8bdd57ae88691796e50fdec546104c25c0e481
-
SHA256
4916c87747f7e07ea143806c4a71c97e9b3568a91fe8086216f59aeb1608e281
-
SHA512
11551c6bbec7a7d37f7026a8fdf4f22c103342a9dcce5de0fb53be8aff8c49c06e5cfd1d5a57b397178785b0a801ad481cb210c399e9ef2ec3f99b9b9f64ccd5
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEpEhhaUlPIbo:6j+1NMOtEvwDpjr8ox8UDEpuha8PIU
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-18_a5d29efcccee91af55ee0f9169517ee9_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-18_a5d29efcccee91af55ee0f9169517ee9_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-18_a5d29efcccee91af55ee0f9169517ee9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-