General
-
Target
2024-05-21_c182f1980c28458d2043202549b0f470_cryptolocker
-
Size
95KB
-
Sample
240521-s67jrsah7w
-
MD5
c182f1980c28458d2043202549b0f470
-
SHA1
9712eeebe49f4f135f68c86a795661a42d50248b
-
SHA256
283965c8e554469fd93e0b65326707e4d4242b7c1ef0266786074cec91de89e9
-
SHA512
129957bb1533eda19cb7a62ca3d00c919baabd9dd65f16d46f2e2da0d9437b0adaa25cdc5c66b31104e4a63f11c550acff05d42c99489ea13bd9676916a28caf
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJYCr:xj+VGMOtEvwDpjubwQEIiVmksc
Malware Config
Targets
-
-
Target
2024-05-21_c182f1980c28458d2043202549b0f470_cryptolocker
-
Size
95KB
-
MD5
c182f1980c28458d2043202549b0f470
-
SHA1
9712eeebe49f4f135f68c86a795661a42d50248b
-
SHA256
283965c8e554469fd93e0b65326707e4d4242b7c1ef0266786074cec91de89e9
-
SHA512
129957bb1533eda19cb7a62ca3d00c919baabd9dd65f16d46f2e2da0d9437b0adaa25cdc5c66b31104e4a63f11c550acff05d42c99489ea13bd9676916a28caf
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJYCr:xj+VGMOtEvwDpjubwQEIiVmksc
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-