General
-
Target
2024-04-03_15d330369dcbb317ef7b9404d5822ef3_cryptolocker
-
Size
63KB
-
Sample
240403-hgh5rsab9z
-
MD5
15d330369dcbb317ef7b9404d5822ef3
-
SHA1
b7dcc5dcf0b4d25561c914f6445f2c55fcea9a9a
-
SHA256
c791c9d0151fe9c2a8047afdd4bcdb7f3847f60f2b3446a2f782a3c37ea29266
-
SHA512
6fb798fdd8b7a2cb9f9a8c0ec34b194dd9828c88b4eb432a660fc5f8c4c8ee3fe25e696231241a8661dbf255631fce1e42919afede7e728a6c373a9eb1892d49
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEISuN:6j+1NMOtEvwDpjr8ox8UDE3y
Malware Config
Targets
-
-
Target
2024-04-03_15d330369dcbb317ef7b9404d5822ef3_cryptolocker
-
Size
63KB
-
MD5
15d330369dcbb317ef7b9404d5822ef3
-
SHA1
b7dcc5dcf0b4d25561c914f6445f2c55fcea9a9a
-
SHA256
c791c9d0151fe9c2a8047afdd4bcdb7f3847f60f2b3446a2f782a3c37ea29266
-
SHA512
6fb798fdd8b7a2cb9f9a8c0ec34b194dd9828c88b4eb432a660fc5f8c4c8ee3fe25e696231241a8661dbf255631fce1e42919afede7e728a6c373a9eb1892d49
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEISuN:6j+1NMOtEvwDpjr8ox8UDE3y
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-