General
-
Target
2024-05-02_925d42ab3af58cca67a0b8c223fe6e65_cryptolocker
-
Size
80KB
-
Sample
240502-ba6txsed33
-
MD5
925d42ab3af58cca67a0b8c223fe6e65
-
SHA1
eec78e846c0098b6983b2fd59a7cfce5830b51a9
-
SHA256
b4ef2ecbda6114f36fb7e13e9c08290a503ed4a04afe4fd055b3397ef6e45561
-
SHA512
86fae04067459bca8cb798b8b711670cfe1d3464eba871566eb150ecb7b2b244777fa4a6d50e9def578309de2434ddbeb64e8b37af99adc1ff06c423fed6979b
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdef:T6a+rdOOtEvwDpjNtO
Behavioral task
behavioral1
Sample
2024-05-02_925d42ab3af58cca67a0b8c223fe6e65_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-05-02_925d42ab3af58cca67a0b8c223fe6e65_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
Target
2024-05-02_925d42ab3af58cca67a0b8c223fe6e65_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-