General
Target: 2024-04-23_990ffa0428f987eb35cc804c2f506c7c_cryptolocker
Size: 50KB
Sample: 240423-w3t12sag42
MD5: 990ffa0428f987eb35cc804c2f506c7c
SHA1: af1744ee334b95a3dde66ed6b08e7c867b24e6b5
SHA256: ec32f02537c6285b206f5c78a72bb1e35dd1928e29cdd35416501b440d1650b0
SHA512: b83f33079c87a015f53d12a3cb9c1cc97b1712a1a1eebc7ad93ef041b901048eab4828dd324e127362e8396461f3fa831ae74e31596ad7fb5d96bf97484c85af
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRp5jvbN:6j+1NMOtEvwDpjr8hhXj53N
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-23_990ffa0428f987eb35cc804c2f506c7c_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-23_990ffa0428f987eb35cc804c2f506c7c_cryptolocker.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-23_990ffa0428f987eb35cc804c2f506c7c_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL