General
-
Target
2024-04-19_699a61ce52dfd297f0d6de546e3a3d38_cryptolocker
-
Size
67KB
-
Sample
240419-pt27qsdf4z
-
MD5
699a61ce52dfd297f0d6de546e3a3d38
-
SHA1
194a1cd9d4f485e0e431bd14fd131fa5f1f1abaf
-
SHA256
071165a2122c9b03ee606c7e72dcb6e6f0632a1ff2a6fd6ed3493fd0ce7a85fc
-
SHA512
f16167522156fa28cde50ebefacfae110701987ba71f89fefa3da6cbfad82eeaa88c1b5b53d37462876e3b342d30ab7260f7e60838a23da33c9a5fd7eed13115
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/6:i5nkFGMOtEvwDpjNbwQEI8UZDC
Malware Config
Targets
-
-
Target
2024-04-19_699a61ce52dfd297f0d6de546e3a3d38_cryptolocker
-
Size
67KB
-
MD5
699a61ce52dfd297f0d6de546e3a3d38
-
SHA1
194a1cd9d4f485e0e431bd14fd131fa5f1f1abaf
-
SHA256
071165a2122c9b03ee606c7e72dcb6e6f0632a1ff2a6fd6ed3493fd0ce7a85fc
-
SHA512
f16167522156fa28cde50ebefacfae110701987ba71f89fefa3da6cbfad82eeaa88c1b5b53d37462876e3b342d30ab7260f7e60838a23da33c9a5fd7eed13115
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/6:i5nkFGMOtEvwDpjNbwQEI8UZDC
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-