General
-
Target
2024-04-25_9d72792d048043bf44e081164ae2bd02_cryptolocker
-
Size
55KB
-
Sample
240425-gfxq4agc48
-
MD5
9d72792d048043bf44e081164ae2bd02
-
SHA1
61417ba8df24c29465a755c292ba622b2fc766b9
-
SHA256
6c4c1176cc3948114bf5aa37d22c7b4bdb97a0bdef68292451c50b7d251e65fe
-
SHA512
a54d0575f6cfce4f3663c60e783cd1847fe5c5c9295ce4202b48cb09dfece8b48224a8231e790422cbe63ae161a0540ea6d42d89b956123bcac41ff74cdcf19b
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/eKRQ:6j+1NMOtEvwDpjr8oxExeKi
Malware Config
Targets
-
-
Target
2024-04-25_9d72792d048043bf44e081164ae2bd02_cryptolocker
-
Size
55KB
-
MD5
9d72792d048043bf44e081164ae2bd02
-
SHA1
61417ba8df24c29465a755c292ba622b2fc766b9
-
SHA256
6c4c1176cc3948114bf5aa37d22c7b4bdb97a0bdef68292451c50b7d251e65fe
-
SHA512
a54d0575f6cfce4f3663c60e783cd1847fe5c5c9295ce4202b48cb09dfece8b48224a8231e790422cbe63ae161a0540ea6d42d89b956123bcac41ff74cdcf19b
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/eKRQ:6j+1NMOtEvwDpjr8oxExeKi
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-