General
-
Target
2024-04-05_6790606b930097de346d9d764e95cf08_cryptolocker
-
Size
74KB
-
Sample
240405-c5nghaag58
-
MD5
6790606b930097de346d9d764e95cf08
-
SHA1
f83568433482620ab907abe693142dcd4247ffe6
-
SHA256
a2131978fd48fc67e73850d7a18aadae2c1fcc4e82e6f0f5df16d28f42f64e60
-
SHA512
ed535c1e9e45c1005e40e36c1ba5198c307ae0ed918932bd1ce5cd65dc9d8bd8cb3a9b4298b96eafef947234f0e1e5dc8f9d6515b5fda02a776d3a255eb03003
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUwN8yb:xj+VGMOtEvwDpjubwQEI8U48yb
Malware Config
Targets
-
-
Target
2024-04-05_6790606b930097de346d9d764e95cf08_cryptolocker
-
Size
74KB
-
MD5
6790606b930097de346d9d764e95cf08
-
SHA1
f83568433482620ab907abe693142dcd4247ffe6
-
SHA256
a2131978fd48fc67e73850d7a18aadae2c1fcc4e82e6f0f5df16d28f42f64e60
-
SHA512
ed535c1e9e45c1005e40e36c1ba5198c307ae0ed918932bd1ce5cd65dc9d8bd8cb3a9b4298b96eafef947234f0e1e5dc8f9d6515b5fda02a776d3a255eb03003
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUwN8yb:xj+VGMOtEvwDpjubwQEI8U48yb
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-