General
-
Target
2024-03-25_71179ae256b4bac3823a7bd30c6fa16d_cryptolocker
-
Size
41KB
-
Sample
240325-pz4bzsah7y
-
MD5
71179ae256b4bac3823a7bd30c6fa16d
-
SHA1
c5742077851ca7b6d9cd469867e780e4109a6bb2
-
SHA256
4f6e5bf122b71cee799ac276ce305ba6df7fa56de0137312af844bdff9a7d516
-
SHA512
8dbbfe52519e35a4c1643edc554958130b5ed323366de3e9043ba3045ab3123171aa680417155afbd9d192742186eabf81d869709dc06ccdb9693ee657793fe5
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRSlv:m5nkFNMOtEvwDpjG8hhXIv
Malware Config
Targets
-
-
Target
2024-03-25_71179ae256b4bac3823a7bd30c6fa16d_cryptolocker
-
Size
41KB
-
MD5
71179ae256b4bac3823a7bd30c6fa16d
-
SHA1
c5742077851ca7b6d9cd469867e780e4109a6bb2
-
SHA256
4f6e5bf122b71cee799ac276ce305ba6df7fa56de0137312af844bdff9a7d516
-
SHA512
8dbbfe52519e35a4c1643edc554958130b5ed323366de3e9043ba3045ab3123171aa680417155afbd9d192742186eabf81d869709dc06ccdb9693ee657793fe5
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRSlv:m5nkFNMOtEvwDpjG8hhXIv
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-