General
-
Target
2024-04-24_58b87a6092608c491f6ddc2ec303dcf9_cryptolocker
-
Size
43KB
-
Sample
240424-mhlphagg9w
-
MD5
58b87a6092608c491f6ddc2ec303dcf9
-
SHA1
ce53e77631ee4f6f3926f9f6d4c2a36ae83ab12b
-
SHA256
188e6205cff496ab9f9c573e66e03a3b07ab212a767c32a4068ba9a73ed498cd
-
SHA512
84b2d8b89c216e974da2fc9868b2819dc22933549116e189b4c92897e79332bc764f73e6d086948d84ab32609441384aa582f5fb0efd8af01fbde2da5bdaf062
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRp5j5K:m5nkFNMOtEvwDpjG8hhXj5FK
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-24_58b87a6092608c491f6ddc2ec303dcf9_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-24_58b87a6092608c491f6ddc2ec303dcf9_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-24_58b87a6092608c491f6ddc2ec303dcf9_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-