General
-
Target
2024-03-20_22ccd41258a991fc39eadaed57168e37_cryptolocker
-
Size
46KB
-
Sample
240320-a4n1jacc97
-
MD5
22ccd41258a991fc39eadaed57168e37
-
SHA1
479d5d2c1268a9a489df53531b317ff6a91d0775
-
SHA256
2e71f0921a1a603af4c578db73084f558dbb05791683475a0aeaa71145dd93e4
-
SHA512
21d3cd1fdd98ff06b41af018c62f15b83e1c05d43b091b773568fdb74d7026f84a7d579980f7ef82b806ac4189edc70cb8cf7ae3a8f9352ded756746e14eb5d1
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRl:xj+VGMOtEvwDpjy+TRl
Malware Config
Targets
-
-
Target
2024-03-20_22ccd41258a991fc39eadaed57168e37_cryptolocker
-
Size
46KB
-
MD5
22ccd41258a991fc39eadaed57168e37
-
SHA1
479d5d2c1268a9a489df53531b317ff6a91d0775
-
SHA256
2e71f0921a1a603af4c578db73084f558dbb05791683475a0aeaa71145dd93e4
-
SHA512
21d3cd1fdd98ff06b41af018c62f15b83e1c05d43b091b773568fdb74d7026f84a7d579980f7ef82b806ac4189edc70cb8cf7ae3a8f9352ded756746e14eb5d1
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRl:xj+VGMOtEvwDpjy+TRl
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-