General
-
Target
2024-04-30_f302807b977c278a748dad21a665f535_cryptolocker
-
Size
55KB
-
Sample
240430-djlw8abc9w
-
MD5
f302807b977c278a748dad21a665f535
-
SHA1
765bacef7b3e38c2c4dbdefde07815e721061d64
-
SHA256
cc9f4a20a690327c3b485148fdf80a5b20a2206ae4970d8652aa68aa0d581089
-
SHA512
5e3dd88c950b1e2c560567f04682db999fe9c9c52acf2e05638cdcf29971034046e6335730fd4fefcaecd977e496c90f2086bdebcfe36cfe8bbe6bc73bb989f0
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/elM:6j+1NMOtEvwDpjr8oxExelM
Malware Config
Targets
-
-
Target
2024-04-30_f302807b977c278a748dad21a665f535_cryptolocker
-
Size
55KB
-
MD5
f302807b977c278a748dad21a665f535
-
SHA1
765bacef7b3e38c2c4dbdefde07815e721061d64
-
SHA256
cc9f4a20a690327c3b485148fdf80a5b20a2206ae4970d8652aa68aa0d581089
-
SHA512
5e3dd88c950b1e2c560567f04682db999fe9c9c52acf2e05638cdcf29971034046e6335730fd4fefcaecd977e496c90f2086bdebcfe36cfe8bbe6bc73bb989f0
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/elM:6j+1NMOtEvwDpjr8oxExelM
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-