General
-
Target
2024-03-19_c6ac0037ad91a5c97a909bfd39dc43a3_cryptolocker
-
Size
38KB
-
Sample
240319-yndfvsef6w
-
MD5
c6ac0037ad91a5c97a909bfd39dc43a3
-
SHA1
d781cf8fca4dfc94c60871afcaeffc9a2e94b374
-
SHA256
5e262efb726c9e7ed51cd6a44f1d12265310658031819b28e3f0157dcefc52f1
-
SHA512
511e557e3d8dd84e87bb21316fa98d7fc859b8d97536c76cd8e38df27b3cdf2cf03f593f7428da71d6f02e654effc70355d749530d6b802003c4235dc350870d
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRhpk5:m5nkFNMOtEvwDpjG8hhXLpk5
Malware Config
Targets
-
-
Target
2024-03-19_c6ac0037ad91a5c97a909bfd39dc43a3_cryptolocker
-
Size
38KB
-
MD5
c6ac0037ad91a5c97a909bfd39dc43a3
-
SHA1
d781cf8fca4dfc94c60871afcaeffc9a2e94b374
-
SHA256
5e262efb726c9e7ed51cd6a44f1d12265310658031819b28e3f0157dcefc52f1
-
SHA512
511e557e3d8dd84e87bb21316fa98d7fc859b8d97536c76cd8e38df27b3cdf2cf03f593f7428da71d6f02e654effc70355d749530d6b802003c4235dc350870d
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRhpk5:m5nkFNMOtEvwDpjG8hhXLpk5
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-