General
-
Target
2024-04-03_0b500c4cf5d852cf98ee446d796fd790_cryptolocker
-
Size
57KB
-
Sample
240403-hgescaag68
-
MD5
0b500c4cf5d852cf98ee446d796fd790
-
SHA1
9a9839708e58045056f6516c42d67ec86822199f
-
SHA256
f0d792bddd5be43e5fbad949e43408bb655b3aab6ecce50a16101257385d8db1
-
SHA512
7a77530be484a557955f6c0bf8af2f4e6099c95c063a5a80785ca8191c073c5d530a63c863aba1cb47405bfb66ae06a9568e97f0001a894c45ccf5421a0ddeea
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpy5D2:zj+soPSMOtEvwDpj4y62
Malware Config
Targets
-
-
Target
2024-04-03_0b500c4cf5d852cf98ee446d796fd790_cryptolocker
-
Size
57KB
-
MD5
0b500c4cf5d852cf98ee446d796fd790
-
SHA1
9a9839708e58045056f6516c42d67ec86822199f
-
SHA256
f0d792bddd5be43e5fbad949e43408bb655b3aab6ecce50a16101257385d8db1
-
SHA512
7a77530be484a557955f6c0bf8af2f4e6099c95c063a5a80785ca8191c073c5d530a63c863aba1cb47405bfb66ae06a9568e97f0001a894c45ccf5421a0ddeea
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpy5D2:zj+soPSMOtEvwDpj4y62
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-