General
-
Target
2024-04-23_36453e8cab90219e8427953e3f594452_cryptolocker
-
Size
128KB
-
Sample
240423-d3cgwsce2z
-
MD5
36453e8cab90219e8427953e3f594452
-
SHA1
640f18e2a133dd0e1eaa4cff24ee7e87330a64f1
-
SHA256
dab41a09e41d9526787bb56910ffcff3cbd8d2cef64ba000914fd4f244a66617
-
SHA512
fb58ad36df738a68c1ef661da59951f086861563fc546df7bf111a6a04cb9da8de8cb7236ddb74da022d2e06c2dc67fa740ec94a5d46d2dcc1911678c19c828d
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1ebHkw:AnBdOOtEvwDpj6zt
Behavioral task
behavioral1
Sample
2024-04-23_36453e8cab90219e8427953e3f594452_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-23_36453e8cab90219e8427953e3f594452_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-