General
-
Target
2024-04-09_f98c4929df3fe011fca31d9943a2fc00_cryptolocker
-
Size
100KB
-
Sample
240409-e9clxaeh67
-
MD5
f98c4929df3fe011fca31d9943a2fc00
-
SHA1
5c9a4acdc3714dee6f3f1d7731c564aca1dbb614
-
SHA256
0d25a4fd8466f6ec8a20aa5f38345c3da3ebffd61a0a05dd04a7e30fee917827
-
SHA512
9bc38cd40f13fff1fc39f820e805b3fd255de65f96de649fae9c79f1c140b33984061ee0dbba94a2e4ed1f47ca3fa2e33911530de83699c0df52b86676db9dfd
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJHlv/k2zu:xj+VGMOtEvwDpjubwQEIiVmkxv/Pu
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-09_f98c4929df3fe011fca31d9943a2fc00_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-09_f98c4929df3fe011fca31d9943a2fc00_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-04-09_f98c4929df3fe011fca31d9943a2fc00_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-