General
-
Target
2024-04-22_b5c5117c8139cdab479e98c34b3cb250_cryptolocker
-
Size
70KB
-
Sample
240422-j6xvwshd6x
-
MD5
b5c5117c8139cdab479e98c34b3cb250
-
SHA1
ec6786694a62b8be8c26098b9fe85f0ab4a9ded2
-
SHA256
a5deebbf66b66c030122300171d63c0866504fa1fe12828f7b6839fb06df3ca0
-
SHA512
6eb6c313551772dabea933b1398e20af15f2f7fd2ad750862a34d9b66c5569e77ffa6952a9c34d72df7eea5db858534fdbb0f7b3737213e90559eeb91275dc95
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9R:C4Q2c94OtEvwDpj4H8z4
Malware Config
Targets
-
-
Target
2024-04-22_b5c5117c8139cdab479e98c34b3cb250_cryptolocker
-
Size
70KB
-
MD5
b5c5117c8139cdab479e98c34b3cb250
-
SHA1
ec6786694a62b8be8c26098b9fe85f0ab4a9ded2
-
SHA256
a5deebbf66b66c030122300171d63c0866504fa1fe12828f7b6839fb06df3ca0
-
SHA512
6eb6c313551772dabea933b1398e20af15f2f7fd2ad750862a34d9b66c5569e77ffa6952a9c34d72df7eea5db858534fdbb0f7b3737213e90559eeb91275dc95
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9R:C4Q2c94OtEvwDpj4H8z4
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-