General
-
Target
2024-03-27_d89fef1243ef2e0acaba97e29b9dcdd6_cryptolocker
-
Size
40KB
-
Sample
240327-r4vxhshe7w
-
MD5
d89fef1243ef2e0acaba97e29b9dcdd6
-
SHA1
4a4970b377b7fe72738a244f1473d361a92f66aa
-
SHA256
1984c9a8baee90d64b3a2853d49835f2f5f653ab56672fef8e1484fc5a46664e
-
SHA512
767e92a46e41c1f7302446ce8e59681678f29f4046698c5c3e0cd22f9a7d4981bd85e548be6ff485b0fba121ed7ad6d02d3c90a0383ca69d0187cfce54e56c45
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRppts2:m5nkFNMOtEvwDpjG8hhXzzs2
Malware Config
Targets
-
-
Target
2024-03-27_d89fef1243ef2e0acaba97e29b9dcdd6_cryptolocker
-
Size
40KB
-
MD5
d89fef1243ef2e0acaba97e29b9dcdd6
-
SHA1
4a4970b377b7fe72738a244f1473d361a92f66aa
-
SHA256
1984c9a8baee90d64b3a2853d49835f2f5f653ab56672fef8e1484fc5a46664e
-
SHA512
767e92a46e41c1f7302446ce8e59681678f29f4046698c5c3e0cd22f9a7d4981bd85e548be6ff485b0fba121ed7ad6d02d3c90a0383ca69d0187cfce54e56c45
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRppts2:m5nkFNMOtEvwDpjG8hhXzzs2
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-