General
-
Target
2024-04-26_49bdf09c1565e19a57618389539900d5_cryptolocker
-
Size
38KB
-
Sample
240426-3dnw3aec23
-
MD5
49bdf09c1565e19a57618389539900d5
-
SHA1
1c2b5e9dc3d71344dd1c066d06b2c52af954828a
-
SHA256
c1cb2908aa3a1627ed094a27f0675573f1324046104c9a9f2d9878bedf4dfdae
-
SHA512
6bc19881b59b08e95266c0f5b7d096ab3f02b62a4ee05da0debc8f0399ca63ea87b5b82542e342028e645511707e5e2290969c0b0e079f64be5b7ca502a2f140
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9A:qDdFJy3QMOtEvwDpjjWMl7TH
Malware Config
Targets
-
-
Target
2024-04-26_49bdf09c1565e19a57618389539900d5_cryptolocker
-
Size
38KB
-
MD5
49bdf09c1565e19a57618389539900d5
-
SHA1
1c2b5e9dc3d71344dd1c066d06b2c52af954828a
-
SHA256
c1cb2908aa3a1627ed094a27f0675573f1324046104c9a9f2d9878bedf4dfdae
-
SHA512
6bc19881b59b08e95266c0f5b7d096ab3f02b62a4ee05da0debc8f0399ca63ea87b5b82542e342028e645511707e5e2290969c0b0e079f64be5b7ca502a2f140
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9A:qDdFJy3QMOtEvwDpjjWMl7TH
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-