General
-
Target
2024-03-29_ad7fb5d05be7e8a37c9a60f0dfc7b736_cryptolocker
-
Size
102KB
-
Sample
240329-vpbf4sdg73
-
MD5
ad7fb5d05be7e8a37c9a60f0dfc7b736
-
SHA1
aa7af6d3d02a16dfad146f8a29c3fa34460e9162
-
SHA256
2a56cc04f6f9d394002766a1800dd28103807f652fdb606a96d7e32084b1e7ac
-
SHA512
597e908702e8ffbf356c6eb34ee26ba37c94fa0f3443921eec888890d5d77f0271f4a24fd834ea59e582484f569a8c1542b44d2c48fe7a0cdbd401fac386f6dc
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJHlv/k2wSd8:xj+VGMOtEvwDpjubwQEIiVmkxv/A
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-29_ad7fb5d05be7e8a37c9a60f0dfc7b736_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-29_ad7fb5d05be7e8a37c9a60f0dfc7b736_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-29_ad7fb5d05be7e8a37c9a60f0dfc7b736_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-