General
-
Target
2024-05-02_52d205731be6e4355ec5ab1dde73495e_cryptolocker
-
Size
56KB
-
Sample
240502-d4jmlahg88
-
MD5
52d205731be6e4355ec5ab1dde73495e
-
SHA1
780bd3135151fa0e49a3c775052f7eddd115af83
-
SHA256
180ccd83f2d8c2f9e485dee4059798e08a86fe08bc95175fb3373c18f23d254c
-
SHA512
a0cbf122af91ab64f494a91e055bcccda95367e9cac51ccc473641139327aeea81dffade77590e3612aeb863e4a579b5a93c62e6f2543af90d3365f350ce6b95
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e4e:6j+1NMOtEvwDpjr8oxExe4e
Malware Config
Targets
-
-
Target
2024-05-02_52d205731be6e4355ec5ab1dde73495e_cryptolocker
-
Size
56KB
-
MD5
52d205731be6e4355ec5ab1dde73495e
-
SHA1
780bd3135151fa0e49a3c775052f7eddd115af83
-
SHA256
180ccd83f2d8c2f9e485dee4059798e08a86fe08bc95175fb3373c18f23d254c
-
SHA512
a0cbf122af91ab64f494a91e055bcccda95367e9cac51ccc473641139327aeea81dffade77590e3612aeb863e4a579b5a93c62e6f2543af90d3365f350ce6b95
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e4e:6j+1NMOtEvwDpjr8oxExe4e
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-