General
-
Target
2024-04-18_7a8682a5d48abdb31bd325d25bc51483_cryptolocker
-
Size
49KB
-
Sample
240418-fg8z3sch4z
-
MD5
7a8682a5d48abdb31bd325d25bc51483
-
SHA1
6a7a9a1b7f34175d9b2d35fae8cce885984e6625
-
SHA256
2d887a560d440c53fa73c2c1aeb45b807d5c343497928461a30499757f55f62f
-
SHA512
7817c8690f277e85c362db2decc436f1166490132f936c074fd96c55fec9f39ca77610be594385f21347b006ea98d78ac6a935e8576a02b3b7e9cdde75608384
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRkHxl:6j+1NMOtEvwDpjr8hhXiz
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-18_7a8682a5d48abdb31bd325d25bc51483_cryptolocker.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2024-04-18_7a8682a5d48abdb31bd325d25bc51483_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-18_7a8682a5d48abdb31bd325d25bc51483_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-