General
-
Target
2024-05-16_a160836e015bcd7ab3ae30e6030ec823_cryptolocker
-
Size
90KB
-
Sample
240516-yppkhsdg48
-
MD5
a160836e015bcd7ab3ae30e6030ec823
-
SHA1
5adfb37d33632176dcaa44c8b385dd3500b31e78
-
SHA256
67046d7bb6443804f10d3da8fd67bbe06ae01eb9d8d96c071e82661770d4734b
-
SHA512
a3e0dbceb4282c58450e0ebc9413ea6ee2cd6045251097dc93c3627795d932f59d8c97243075e489165d861f55042df7ced78862558b352378030257b445a433
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRMy8tybln:zCsanOtEvwDpj4
Behavioral task
behavioral1
Sample
2024-05-16_a160836e015bcd7ab3ae30e6030ec823_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-16_a160836e015bcd7ab3ae30e6030ec823_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-16_a160836e015bcd7ab3ae30e6030ec823_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-