General
-
Target
2024-03-18_4730068a43f22abc6af8273f8448efd7_cryptolocker
-
Size
35KB
-
Sample
240318-xgxeqagc5x
-
MD5
4730068a43f22abc6af8273f8448efd7
-
SHA1
c32064a910410b554e0cdfdd2551e734eb2a496d
-
SHA256
5f9fabd5b3550c95766f9d62cbf40c18bdb86df2dc24e13228079da52b7f4b5d
-
SHA512
0c723ac16f334289b495c561c80f1cf9e435770afb3647c3eded592bcfac8cb762a442cb43fa839a3a1928fa6363e8c229dda9b3eddb8c588ea710fea3050e55
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkK:qDdFJy3QMOtEvwDpjjWMll
Behavioral task
behavioral1
Sample
2024-03-18_4730068a43f22abc6af8273f8448efd7_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-18_4730068a43f22abc6af8273f8448efd7_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-03-18_4730068a43f22abc6af8273f8448efd7_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-