General
-
Target
2024-04-15_685ab5109faf30b1b8391b9f7eba24e0_cryptolocker
-
Size
46KB
-
Sample
240415-r3n3ksgh69
-
MD5
685ab5109faf30b1b8391b9f7eba24e0
-
SHA1
0fe8b782e3ba5f4370b0027ae85c01f36cd60189
-
SHA256
f282f57093d0f28834adb42baa4713bab04d1f99fa22ff58b7fa0bd1ce27f8a1
-
SHA512
97822cdc5d9b83240b4b79e7f5875d03f2bf74752f4829d9344518d270f87eeb0baf56e7745629bb6294a7efdc949a58e1a20c57e22d1382ee437ca34daed634
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MobH:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ1
Malware Config
Targets
-
-
Target
2024-04-15_685ab5109faf30b1b8391b9f7eba24e0_cryptolocker
-
Size
46KB
-
MD5
685ab5109faf30b1b8391b9f7eba24e0
-
SHA1
0fe8b782e3ba5f4370b0027ae85c01f36cd60189
-
SHA256
f282f57093d0f28834adb42baa4713bab04d1f99fa22ff58b7fa0bd1ce27f8a1
-
SHA512
97822cdc5d9b83240b4b79e7f5875d03f2bf74752f4829d9344518d270f87eeb0baf56e7745629bb6294a7efdc949a58e1a20c57e22d1382ee437ca34daed634
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MobH:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ1
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-