General
-
Target
2024-04-22_b34ce6efec5099e99613cb37725e8dc6_cryptolocker
-
Size
103KB
-
Sample
240422-qcmamabh6x
-
MD5
b34ce6efec5099e99613cb37725e8dc6
-
SHA1
f16fb2a1527a6c28c912482842f46cc8e5f382ee
-
SHA256
513f44dd7d47d88d1c931e288703fc4ba5c362d31aa534f5e242511d498e7ece
-
SHA512
a9f5b0d410ef82390881ae1195815568bfaa2755d23cb19bea7812b85006261b1c38172bac6dad86c7d2bc9799032a3b359998ed99ee19e4876ef6de92bbbd26
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpwqWsviy6z:AnBdOOtEvwDpj6zf
Behavioral task
behavioral1
Sample
2024-04-22_b34ce6efec5099e99613cb37725e8dc6_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-22_b34ce6efec5099e99613cb37725e8dc6_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-22_b34ce6efec5099e99613cb37725e8dc6_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-