General
-
Target
2024-04-09_445c1163ecd63e41aa158f525e280ec6_cryptolocker
-
Size
42KB
-
Sample
240409-byklladg5x
-
MD5
445c1163ecd63e41aa158f525e280ec6
-
SHA1
e3c627ef91dde135bc547cc619aa48a998097364
-
SHA256
d2b1f6b816b8017245fc413cf15af97bd5f78d986560cafe9fe528aff2bce777
-
SHA512
d4c1a0b4c8c38cd7d991b3c71356cda9feeca4405e7dd173b269b05fde89a43278a7dd7d0b28ecd23d6d908023f94a4f98086fefa119ff7d9aa000bf9539aaad
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRpV:m5nkFNMOtEvwDpjG8hhXjV
Malware Config
Targets
-
-
Target
2024-04-09_445c1163ecd63e41aa158f525e280ec6_cryptolocker
-
Size
42KB
-
MD5
445c1163ecd63e41aa158f525e280ec6
-
SHA1
e3c627ef91dde135bc547cc619aa48a998097364
-
SHA256
d2b1f6b816b8017245fc413cf15af97bd5f78d986560cafe9fe528aff2bce777
-
SHA512
d4c1a0b4c8c38cd7d991b3c71356cda9feeca4405e7dd173b269b05fde89a43278a7dd7d0b28ecd23d6d908023f94a4f98086fefa119ff7d9aa000bf9539aaad
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRpV:m5nkFNMOtEvwDpjG8hhXjV
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-