General
-
Target
2024-05-15_409351fd772112b2b7629779a69bc6b5_cryptolocker
-
Size
72KB
-
Sample
240515-e872eshd5x
-
MD5
409351fd772112b2b7629779a69bc6b5
-
SHA1
808bfa1d629db6cf2685600ec551f1357fc533fa
-
SHA256
aa6bfcad5209aa415d69300268fb51b8eef1f1dd11dbff4b3b42b6deff3f535f
-
SHA512
cfe4377a1a6e070ddbbd0d257c3459b1bfb0e72f6f6f6909cc73732d8d454872bff73cc074dcb3f3925450a79e91c6a403c1782da4990e9231fa1d287892bf0e
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs95c:C4Q2c94OtEvwDpj4H8zz
Malware Config
Targets
-
-
Target
2024-05-15_409351fd772112b2b7629779a69bc6b5_cryptolocker
-
Size
72KB
-
MD5
409351fd772112b2b7629779a69bc6b5
-
SHA1
808bfa1d629db6cf2685600ec551f1357fc533fa
-
SHA256
aa6bfcad5209aa415d69300268fb51b8eef1f1dd11dbff4b3b42b6deff3f535f
-
SHA512
cfe4377a1a6e070ddbbd0d257c3459b1bfb0e72f6f6f6909cc73732d8d454872bff73cc074dcb3f3925450a79e91c6a403c1782da4990e9231fa1d287892bf0e
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs95c:C4Q2c94OtEvwDpj4H8zz
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-