General
-
Target
2024-05-21_680a1899fcdb1b213301ea168537b8c4_cryptolocker
-
Size
42KB
-
Sample
240521-s4hsmaag6x
-
MD5
680a1899fcdb1b213301ea168537b8c4
-
SHA1
d58c855ca2c0e6e79c5101b0bbf1bbb086562a8c
-
SHA256
9e15daaae9d1125f8520378f838dfd6c953be99c2120a681ac1109cc20e4ba4d
-
SHA512
6d856c767125f51a14376ef2a1fcaefb9e9e5c7e1c212f262a337c11e0313e2d454f91d31381f59f63087a77f9d7f76781eefa4458ca758e70ef0b687f4761af
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZE:i5nkFGMOtEvwDpjR+viHs2
Malware Config
Targets
-
-
Target
2024-05-21_680a1899fcdb1b213301ea168537b8c4_cryptolocker
-
Size
42KB
-
MD5
680a1899fcdb1b213301ea168537b8c4
-
SHA1
d58c855ca2c0e6e79c5101b0bbf1bbb086562a8c
-
SHA256
9e15daaae9d1125f8520378f838dfd6c953be99c2120a681ac1109cc20e4ba4d
-
SHA512
6d856c767125f51a14376ef2a1fcaefb9e9e5c7e1c212f262a337c11e0313e2d454f91d31381f59f63087a77f9d7f76781eefa4458ca758e70ef0b687f4761af
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZE:i5nkFGMOtEvwDpjR+viHs2
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-