General
-
Target
2024-05-08_297ba647f4ff16e5b9691f64ac6f6533_cryptolocker
-
Size
41KB
-
Sample
240508-h77wtaha7t
-
MD5
297ba647f4ff16e5b9691f64ac6f6533
-
SHA1
5a815c0db69942446ce90344d172838345885086
-
SHA256
a80b361382e56e89b6a84c01ad144ffe3a10afdaa201a4b760f4971cc971f447
-
SHA512
83f16fad9d7c64ec7885e018a316e3c79421241763b218d6e0f7deeabb257bec237f2b6023788959cd2da0343d141a72e6fa7ff014b9ae0957b005182d2f4c7f
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZRf:i5nkFGMOtEvwDpjR+viHsn
Malware Config
Targets
-
-
Target
2024-05-08_297ba647f4ff16e5b9691f64ac6f6533_cryptolocker
-
Size
41KB
-
MD5
297ba647f4ff16e5b9691f64ac6f6533
-
SHA1
5a815c0db69942446ce90344d172838345885086
-
SHA256
a80b361382e56e89b6a84c01ad144ffe3a10afdaa201a4b760f4971cc971f447
-
SHA512
83f16fad9d7c64ec7885e018a316e3c79421241763b218d6e0f7deeabb257bec237f2b6023788959cd2da0343d141a72e6fa7ff014b9ae0957b005182d2f4c7f
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZRf:i5nkFGMOtEvwDpjR+viHsn
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-