General
-
Target
2024-03-18_62cadb0c4c7ae980bc3b6e42106558e0_cryptolocker
-
Size
88KB
-
Sample
240318-qxm3naaf4z
-
MD5
62cadb0c4c7ae980bc3b6e42106558e0
-
SHA1
c6ff5e30235875f70655f5e2905deadf5e71f648
-
SHA256
a4cd49220d8b987f6267042e1ba63e5f41e3972effe44030da4dd1658c03e86b
-
SHA512
c8cfbbca2d03313b0cf7e0830d2b6d662d4b53c814d9622518fb46a671325ff5f39b0ccf24d0a3ee715c8657b2547b3d5e9a73ff277ceac5c5d15e12695ee1bb
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgSfb:AnBdOOtEvwDpj6zi
Malware Config
Targets
-
-
Target
2024-03-18_62cadb0c4c7ae980bc3b6e42106558e0_cryptolocker
-
Size
88KB
-
MD5
62cadb0c4c7ae980bc3b6e42106558e0
-
SHA1
c6ff5e30235875f70655f5e2905deadf5e71f648
-
SHA256
a4cd49220d8b987f6267042e1ba63e5f41e3972effe44030da4dd1658c03e86b
-
SHA512
c8cfbbca2d03313b0cf7e0830d2b6d662d4b53c814d9622518fb46a671325ff5f39b0ccf24d0a3ee715c8657b2547b3d5e9a73ff277ceac5c5d15e12695ee1bb
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgSfb:AnBdOOtEvwDpj6zi
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-