General
-
Target
2024-05-11_82d6be7734671190f20501b0554b3677_cryptolocker
-
Size
50KB
-
Sample
240511-gpr7zabg95
-
MD5
82d6be7734671190f20501b0554b3677
-
SHA1
c9e3081e2cb4a0be1bc4685e134bc60bba14c63d
-
SHA256
ef6f32e27779b473fc0ed2d72603c821a7f2aecf52e3702297dad0b37bf7f6ec
-
SHA512
05367d5ec42555f1afc4e6dddf61a3ee7ac9a9c4108826ac08cd93d1815786ae9e6735071f257d383cf2c8421aec17a2eeda86510bb0724b970bf3a21698ab75
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRsAA:6j+1NMOtEvwDpjr8hhXG/
Malware Config
Targets
-
-
Target
2024-05-11_82d6be7734671190f20501b0554b3677_cryptolocker
-
Size
50KB
-
MD5
82d6be7734671190f20501b0554b3677
-
SHA1
c9e3081e2cb4a0be1bc4685e134bc60bba14c63d
-
SHA256
ef6f32e27779b473fc0ed2d72603c821a7f2aecf52e3702297dad0b37bf7f6ec
-
SHA512
05367d5ec42555f1afc4e6dddf61a3ee7ac9a9c4108826ac08cd93d1815786ae9e6735071f257d383cf2c8421aec17a2eeda86510bb0724b970bf3a21698ab75
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRsAA:6j+1NMOtEvwDpjr8hhXG/
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-