General
Target: 2024-04-30_19c479af5b3e308187696bbc406642e1_cryptolocker
Size: 67KB
Sample: 240430-2a7dkahc7v
MD5: 19c479af5b3e308187696bbc406642e1
SHA1: 76080b38385ff602432e3c90e1a6274d54e19d01
SHA256: 5199a921e8b3fd50a2f41148d0cadff7b5824baa0360df6823c163b5af1700e6
SHA512: 526a1bd8de57a70da2223d8e6ec8e5783dd170cf33c5aac82089b4e02122be5db120acc10531d5b407f9ac4181bfd9740be6fc2e04c22d5e7149a37c9af6c5a8
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/V:i5nkFGMOtEvwDpjNbwQEI8UZD9
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-30_19c479af5b3e308187696bbc406642e1_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-30_19c479af5b3e308187696bbc406642e1_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-04-30_19c479af5b3e308187696bbc406642e1_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL