General
-
Target
2024-04-28_185f126f9c48f59b6c60802fb414e080_cryptolocker
-
Size
36KB
-
Sample
240428-x4gb1sfd5w
-
MD5
185f126f9c48f59b6c60802fb414e080
-
SHA1
31aafe7a9647627833a5d650d3a227a1816268d7
-
SHA256
c5a605ae06033ce8198cf7065b77d8bbbe4ec9945aef5bff03af9022b04883cf
-
SHA512
11298fc0d39aff40e87fe47a781295b477e63e20503bbc629a41d514688d0ed8e548d7445ef16fc03852f05fa87c5221d919bd31f9ce9c672b9df15af5c8eec7
-
SSDEEP
768:qTVbxjgQNQXtckstOOtEvwDpjAaD3TUogs/VXpAPk:qTJu9cvMOtEvwDpjppVX9
Malware Config
Targets
-
-
Target
2024-04-28_185f126f9c48f59b6c60802fb414e080_cryptolocker
-
Size
36KB
-
MD5
185f126f9c48f59b6c60802fb414e080
-
SHA1
31aafe7a9647627833a5d650d3a227a1816268d7
-
SHA256
c5a605ae06033ce8198cf7065b77d8bbbe4ec9945aef5bff03af9022b04883cf
-
SHA512
11298fc0d39aff40e87fe47a781295b477e63e20503bbc629a41d514688d0ed8e548d7445ef16fc03852f05fa87c5221d919bd31f9ce9c672b9df15af5c8eec7
-
SSDEEP
768:qTVbxjgQNQXtckstOOtEvwDpjAaD3TUogs/VXpAPk:qTJu9cvMOtEvwDpjppVX9
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-