General
-
Target
2024-05-21_354581f581208e1e5f3b5e5873c10ab9_cryptolocker
-
Size
42KB
-
Sample
240521-pmrgnadf74
-
MD5
354581f581208e1e5f3b5e5873c10ab9
-
SHA1
d08fe2097617a0b5d823df2f82cb74bf9f925915
-
SHA256
abaf2d2eb044d0a12dca0a302d2ee7157321e8e78c080d28c38ad5e6169ae3b4
-
SHA512
b5ab1688ec05bc0d273377cb1f81076ce0a57f3e8d0a0a1acfd797a30d156f70465aa6dac45ab275aa89280a8dadc185db2e76188be426b679b50e500a288b9d
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnY1n9c:m5nkFNMOtEvwDpjG8hgpY19c
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-21_354581f581208e1e5f3b5e5873c10ab9_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-21_354581f581208e1e5f3b5e5873c10ab9_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
2024-05-21_354581f581208e1e5f3b5e5873c10ab9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-