General
-
Target
2024-04-30_7b3a52403e5d8248c934d5579caaeba5_cryptolocker
-
Size
67KB
-
Sample
240430-pwvwfagg85
-
MD5
7b3a52403e5d8248c934d5579caaeba5
-
SHA1
7e7cb03e409c84c6edd0834cac4ed96ee5665a3a
-
SHA256
a0cf173eaa28e56bf9b553194f0e4b4fce658b2a0552a54a22ac9ee4ba064760
-
SHA512
bc8e68e957a83810502fdf2292152f3fe3658a4c903e0a05e10473e7fb93f089a204e49e48dea87643e076a52c2a7c56f672a7467adc858e7d219e3b221f093e
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/w:i5nkFGMOtEvwDpjNbwQEI8UZDo
Malware Config
Targets
-
-
Target
2024-04-30_7b3a52403e5d8248c934d5579caaeba5_cryptolocker
-
Size
67KB
-
MD5
7b3a52403e5d8248c934d5579caaeba5
-
SHA1
7e7cb03e409c84c6edd0834cac4ed96ee5665a3a
-
SHA256
a0cf173eaa28e56bf9b553194f0e4b4fce658b2a0552a54a22ac9ee4ba064760
-
SHA512
bc8e68e957a83810502fdf2292152f3fe3658a4c903e0a05e10473e7fb93f089a204e49e48dea87643e076a52c2a7c56f672a7467adc858e7d219e3b221f093e
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/w:i5nkFGMOtEvwDpjNbwQEI8UZDo
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-