General
-
Target
2024-04-25_ae093863d4d6bcfdf7846ff52a1f5817_cryptolocker
-
Size
38KB
-
Sample
240425-t2qwwsce7s
-
MD5
ae093863d4d6bcfdf7846ff52a1f5817
-
SHA1
3732b6e05d8e553a5b87faa013acc01f5b900331
-
SHA256
790b8a52d40435e06f664aa7aa3c12ac1697732dc04fb8f2b441966864e0f73b
-
SHA512
ff15bd832af511cc34aa131eb50e013a948f9c204b926cf37c5ac581800d4f71ba30aaa0116311c7d35c64488aae67b89b7038cbad6135cf6cd195eefefb6b5c
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYD:qDdFJy3QMOtEvwDpjjWMl7TS
Malware Config
Targets
-
-
Target
2024-04-25_ae093863d4d6bcfdf7846ff52a1f5817_cryptolocker
-
Size
38KB
-
MD5
ae093863d4d6bcfdf7846ff52a1f5817
-
SHA1
3732b6e05d8e553a5b87faa013acc01f5b900331
-
SHA256
790b8a52d40435e06f664aa7aa3c12ac1697732dc04fb8f2b441966864e0f73b
-
SHA512
ff15bd832af511cc34aa131eb50e013a948f9c204b926cf37c5ac581800d4f71ba30aaa0116311c7d35c64488aae67b89b7038cbad6135cf6cd195eefefb6b5c
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYD:qDdFJy3QMOtEvwDpjjWMl7TS
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-