General
-
Target
2024-03-27_37c2e42077804c1b3451d66ffdbf2ab3_cryptolocker
-
Size
40KB
-
Sample
240327-d9geesbh76
-
MD5
37c2e42077804c1b3451d66ffdbf2ab3
-
SHA1
dad809741b2ae446489d7deaaa12db1bcfbe306d
-
SHA256
462166637864c1f29d76e97b7d66ae52cfdc08ae9b9060f867cef37b0d3c7e98
-
SHA512
e38993c65992c4efe94c01e37cae19afd1791820efee6ded892b5aa9bfd38d389b693fbeb59a75b8d6bbfb092e12d6a3c66599e2fa4c9b0195b16b22006578b8
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRn0:m5nkFNMOtEvwDpjG8hhXS
Malware Config
Targets
-
-
Target
2024-03-27_37c2e42077804c1b3451d66ffdbf2ab3_cryptolocker
-
Size
40KB
-
MD5
37c2e42077804c1b3451d66ffdbf2ab3
-
SHA1
dad809741b2ae446489d7deaaa12db1bcfbe306d
-
SHA256
462166637864c1f29d76e97b7d66ae52cfdc08ae9b9060f867cef37b0d3c7e98
-
SHA512
e38993c65992c4efe94c01e37cae19afd1791820efee6ded892b5aa9bfd38d389b693fbeb59a75b8d6bbfb092e12d6a3c66599e2fa4c9b0195b16b22006578b8
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRn0:m5nkFNMOtEvwDpjG8hhXS
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-