General
Target: 2024-04-17_12c4240bbd882b35671aeda26ee800f9_cryptolocker
Size: 40KB
Sample: 240417-y6wp6aef5t
MD5: 12c4240bbd882b35671aeda26ee800f9
SHA1: 39d8f34a3601260dfafa2c8398a230fd1c2293a8
SHA256: 9f299e1b8c26c629b6d5ce71f60aba577d59c6ef0ace657395a1a8c6db40016b
SHA512: ef58680f73caab8b731f05afb3014a3fef2ee6084fb90e72439ca4f5451f07159c873e634a5406085571bbbc3961b483ac9c1178f8c4571b4c66696f561f524f
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZs:i5nkFGMOtEvwDpjR+viHse
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-17_12c4240bbd882b35671aeda26ee800f9_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-17_12c4240bbd882b35671aeda26ee800f9_cryptolocker.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-17_12c4240bbd882b35671aeda26ee800f9_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL