General
-
Target
2024-04-20_8fd8a6cd1b3abef7654d3d1377d5d412_cryptolocker
-
Size
38KB
-
Sample
240420-zamm2shg41
-
MD5
8fd8a6cd1b3abef7654d3d1377d5d412
-
SHA1
49553d2228a7b39e34e852d2f5842190d5b89cf6
-
SHA256
f81e439f20d35efde47eb0bf651179cb54ed5162e0169126c460403183e7bafb
-
SHA512
0552eb6fd928619f37931bfff8685c324718e622446b437f76b515e1b0eea2c27d17e287f2ceb5fbf94a466daa9b5d79f24de6d61bc5854e455303c9765a3713
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYP:qDdFJy3QMOtEvwDpjjWMl7Tm
Behavioral task
behavioral1
Sample
2024-04-20_8fd8a6cd1b3abef7654d3d1377d5d412_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-20_8fd8a6cd1b3abef7654d3d1377d5d412_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
2024-04-20_8fd8a6cd1b3abef7654d3d1377d5d412_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-