General
Target: 2024-05-02_cdc3a07c66e079b2e8b4e6cda6c2cc3e_cryptolocker
Size: 43KB
Sample: 240502-bheqeaef88
MD5: cdc3a07c66e079b2e8b4e6cda6c2cc3e
SHA1: 526dddcea28db1ac473d6bd8309c5758c085ecbe
SHA256: 781336b9d9fe7521b502707af1398a419cae42f1cb0e8910bca3d64cd16998e9
SHA512: 0e14f1509247b84ccf078652c42b5c5516a843c0da2f3163f6c9265cde88d29db9fc399540e9e47e81b1b317f62510ee15c60060992dd802503755127a905d3d
SSDEEP: 768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRp5jvbT:m5nkFNMOtEvwDpjG8hhXj53T
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-02_cdc3a07c66e079b2e8b4e6cda6c2cc3e_cryptolocker.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-05-02_cdc3a07c66e079b2e8b4e6cda6c2cc3e_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-05-02_cdc3a07c66e079b2e8b4e6cda6c2cc3e_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL