General
-
Target
2024-05-09_8e4bc084fa751f1f529d6640a9faf8b5_cryptolocker
-
Size
42KB
-
Sample
240509-n66v1sge31
-
MD5
8e4bc084fa751f1f529d6640a9faf8b5
-
SHA1
d221faf3ef716f4833d53cce37b690de99f0f80b
-
SHA256
87c2ee947c0fdd356d4b1bb7dbee1434827d9c0901b952fd9b71778fb6eb3cf3
-
SHA512
ea90deb85457dd4ccc55dacdb2d3de81c4bd6f15dc90f174d730c2a2a796b7ce4db65493d4e8b2eeac7e7395144d0bfd60307db0c4e1fa6dcdd7dec0fe9566c0
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRp5js:m5nkFNMOtEvwDpjG8hhXj5g
Malware Config
Targets
-
-
Target
2024-05-09_8e4bc084fa751f1f529d6640a9faf8b5_cryptolocker
-
Size
42KB
-
MD5
8e4bc084fa751f1f529d6640a9faf8b5
-
SHA1
d221faf3ef716f4833d53cce37b690de99f0f80b
-
SHA256
87c2ee947c0fdd356d4b1bb7dbee1434827d9c0901b952fd9b71778fb6eb3cf3
-
SHA512
ea90deb85457dd4ccc55dacdb2d3de81c4bd6f15dc90f174d730c2a2a796b7ce4db65493d4e8b2eeac7e7395144d0bfd60307db0c4e1fa6dcdd7dec0fe9566c0
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRp5js:m5nkFNMOtEvwDpjG8hhXj5g
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-