General
-
Target
2024-03-19_0b1bc466fbcadf34d66f4c10ad803d27_cryptolocker
-
Size
100KB
-
Sample
240319-f44zmsag69
-
MD5
0b1bc466fbcadf34d66f4c10ad803d27
-
SHA1
502f74ccf696bf8beb78475beb200674bd2d4f5b
-
SHA256
1cc5653f8384934e91abdcf5649047e44cbc4d478792fbdfbe70f4f9affb0777
-
SHA512
3fd0bf7f5849d24772a1cddd6d9bd093c7a83ae90c065c69be65a37b24e44df9c4eb21de066844d77b1a723b3ec09b58010468371010b354d2d8393f749c9242
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRiWjz/664:i5nkFGMOtEvwDpjNbwQEIikrI
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-19_0b1bc466fbcadf34d66f4c10ad803d27_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-03-19_0b1bc466fbcadf34d66f4c10ad803d27_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-19_0b1bc466fbcadf34d66f4c10ad803d27_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-