General
-
Target
2024-03-27_a102eac4b044904f081f457a616382cb_cryptolocker
-
Size
38KB
-
Sample
240327-elw1mscc62
-
MD5
a102eac4b044904f081f457a616382cb
-
SHA1
7b28cdadd89453cec04330558d135adffd54f9ce
-
SHA256
8844f93273e80c41b6a7f71b6e3e4100444bb96e2990c3d800091bd8696a12df
-
SHA512
81d6cd51dd6d661b9569d790f2eb63d0b95afb9a08a3eaaa2c05a6a38d400a2b0efdb8af487ddaa08aab58369ae9b6b433faf15eef9f2ee5403d980eb1bd9103
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLtldJQgk:i5nkFGMOtEvwDpjn/JQgk
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-27_a102eac4b044904f081f457a616382cb_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-03-27_a102eac4b044904f081f457a616382cb_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
2024-03-27_a102eac4b044904f081f457a616382cb_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-