General
-
Target
2024-04-19_b8897f00cf8f73fb9caf508917dc2ae2_cryptolocker
-
Size
50KB
-
Sample
240419-zqzybagb4y
-
MD5
b8897f00cf8f73fb9caf508917dc2ae2
-
SHA1
f1ba9d152031255449bb0902a7c5f43bdb15e3bf
-
SHA256
ff12464e3c274ee3be4cf8d36ab754c1b7a32aea6035d01593088bb09b9e411d
-
SHA512
ecd6b47c7de53ed63cbf2bba9c0304b8ee12ed23f94a2304b4714a186a3ec1c692b445e331428e7c8896d5ba24e2a01f44b61242f8ea068468de355cb16ff308
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRHna:6j+1NMOtEvwDpjr8hhX9a
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-19_b8897f00cf8f73fb9caf508917dc2ae2_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-19_b8897f00cf8f73fb9caf508917dc2ae2_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-19_b8897f00cf8f73fb9caf508917dc2ae2_cryptolocker
Score 9/10
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-