General
-
Target
2024-04-25_0af513880f5e291e37ae8bc41831b6b5_cryptolocker
-
Size
40KB
-
Sample
240425-b6wc3adc4s
-
MD5
0af513880f5e291e37ae8bc41831b6b5
-
SHA1
3aeaac8e027c2cd378ec0fd3ee2309ecd7dba5e7
-
SHA256
408614c6f4aa7cd5fa816bb015d573b257b562735237cf87fdd12980cfd5a827
-
SHA512
f67fae55d3652510e9e72f123dcfe921a1292a3aac6a1ef5a825fc9bc68ac302702398f40b529cc478e9b94b84ee524effcb32fb713f0042082f5db03862a10d
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZZ:i5nkFGMOtEvwDpjR+viHs3
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-25_0af513880f5e291e37ae8bc41831b6b5_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-25_0af513880f5e291e37ae8bc41831b6b5_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-25_0af513880f5e291e37ae8bc41831b6b5_cryptolocker
-
Size
40KB
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-