General
-
Target
2024-04-24_c37a36690d1d0c5f25a3c32d9c96cd8c_cryptolocker
-
Size
80KB
-
Sample
240424-sds6nsca49
-
MD5
c37a36690d1d0c5f25a3c32d9c96cd8c
-
SHA1
f84d58bfbfc01aa0d6cb6132b19125d2a19729ea
-
SHA256
bb44adf00f441b1f25e8772a76b276631cca862e8fc3769af0419e6e8ad66b19
-
SHA512
14a78a880f4a4ed288b2f36ab0588a30f0017f6d9897045ac7688ba4f1e3305dbb0207e2d01aaadb49d8fdd78dcea7d44496a704284b7a63806c69a4757a6afa
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdH:T6a+rdOOtEvwDpjNth
Behavioral task
behavioral1
Sample
2024-04-24_c37a36690d1d0c5f25a3c32d9c96cd8c_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-24_c37a36690d1d0c5f25a3c32d9c96cd8c_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-24_c37a36690d1d0c5f25a3c32d9c96cd8c_cryptolocker
Score
9/10
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-