General
-
Target
2024-04-10_05615f65158c03632634a23df3edbbc7_cryptolocker
-
Size
38KB
-
Sample
240410-cwlljsbh98
-
MD5
05615f65158c03632634a23df3edbbc7
-
SHA1
b8e38aeb7fc6b8e271c66531f46f3b40fcfefe2f
-
SHA256
0fba402ee75692b07958fbbecab17645e82958da18ce38b13c90b6611eb34658
-
SHA512
4acb846e6e002f92bbf896afbe89aa81eda69bdfd9e55af70532f4f70dfed4b4f9154f19a9d6bf8b07d415cc068896a294eed1a38a72caf72119cc1efdec4881
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnv00Gxmz:m5nkFNMOtEvwDpjG8h00Gxmz
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-10_05615f65158c03632634a23df3edbbc7_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-10_05615f65158c03632634a23df3edbbc7_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-10_05615f65158c03632634a23df3edbbc7_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-