General
-
Target
2024-05-21_c9a00793ae23ae077b1055a7d677a487_cryptolocker
-
Size
64KB
-
Sample
240521-telnnaba98
-
MD5
c9a00793ae23ae077b1055a7d677a487
-
SHA1
55c8da42d89c7fbb71b590fcda65d795110a3d2b
-
SHA256
ef8595c8dab9d39ec2d6d88aae79454068d805ec6ac920921f770430b70451c4
-
SHA512
f890a14da185fefedb232f7975ffe4f7c76b60eb23921aea6729fccdc74fcb2e69696911f06cd9d844fb19bfdf382813dafa42eabdec807208046fe2056cf7c2
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiy:BbdDmjr+OtEvwDpjM8P
Malware Config
Targets
-
-
Target
2024-05-21_c9a00793ae23ae077b1055a7d677a487_cryptolocker
-
Size
64KB
-
MD5
c9a00793ae23ae077b1055a7d677a487
-
SHA1
55c8da42d89c7fbb71b590fcda65d795110a3d2b
-
SHA256
ef8595c8dab9d39ec2d6d88aae79454068d805ec6ac920921f770430b70451c4
-
SHA512
f890a14da185fefedb232f7975ffe4f7c76b60eb23921aea6729fccdc74fcb2e69696911f06cd9d844fb19bfdf382813dafa42eabdec807208046fe2056cf7c2
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiy:BbdDmjr+OtEvwDpjM8P
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-