General
-
Target
2024-05-21_e63ad7d39f46eda10a2d7f323e37d80c_cryptolocker
-
Size
91KB
-
Sample
240521-sfc78shh44
-
MD5
e63ad7d39f46eda10a2d7f323e37d80c
-
SHA1
6fdf357dd360548fffbf3cf414c9efb3898160f6
-
SHA256
21c7ae9d39bb043533dc137737993c4736cb6ebd528950ecbce486ac97991fb6
-
SHA512
8b0ef2ff385781633dcb2de17385f7fb9945b96aca1a6b06ec4e9aafce9bf9737ca25997adc9292ad7aa8016833e40ff6d9a53ac54ba9d7a0a0b186c0132d836
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/DV:n6a+1SEOtEvwDpjYYvQd2P6
Malware Config
Targets
-
-
Target
2024-05-21_e63ad7d39f46eda10a2d7f323e37d80c_cryptolocker
-
Size
91KB
-
MD5
e63ad7d39f46eda10a2d7f323e37d80c
-
SHA1
6fdf357dd360548fffbf3cf414c9efb3898160f6
-
SHA256
21c7ae9d39bb043533dc137737993c4736cb6ebd528950ecbce486ac97991fb6
-
SHA512
8b0ef2ff385781633dcb2de17385f7fb9945b96aca1a6b06ec4e9aafce9bf9737ca25997adc9292ad7aa8016833e40ff6d9a53ac54ba9d7a0a0b186c0132d836
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/DV:n6a+1SEOtEvwDpjYYvQd2P6
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-