General
Target: 2024-05-11_42f260517a980a6295699eea8aec91bc_cryptolocker
Size: 48KB
Sample: 240511-r5788scb81
MD5: 42f260517a980a6295699eea8aec91bc
SHA1: 82da68c71ec4f39847bbda5248401994d79e766c
SHA256: 1ff9234cc39a836ed9cae28bd1358cf7357c47bfa794ba12661cf4c9ee140386
SHA512: d36c3e7616459333c7dd375ca7d4e2143c1018fa6017813cc00d7fc5c5c1c4ea594c047ffa49f928a467876ab8b360303f4ce36581453f8b31a5d939062774f7
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9Rva/yYsmea:xj+VGMOtEvwDpjy+viHsHa
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-11_42f260517a980a6295699eea8aec91bc_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-11_42f260517a980a6295699eea8aec91bc_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-