General
-
Target
2024-05-21_fc36c39e8057cca8fd5d3de960069278_cryptolocker
-
Size
68KB
-
Sample
240521-tlm53abc97
-
MD5
fc36c39e8057cca8fd5d3de960069278
-
SHA1
dee1c1019fa32460a7a7a95581dbb1c58b0db99e
-
SHA256
b7a1eeacba0002e50f4fced18f6875cd65d8da4c3941dd573545f18285bf967c
-
SHA512
660a07bd8b5e8f45a63452bf95d96079f1e0c9613d059f82fa8c67718d4dfa0ae01f2247fa9f731b7980b00df63c38e5f9303f8ea19dc3c8f99db3c1a26a36fa
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/d9:i5nkFGMOtEvwDpjNbwQEI8UZDH
Malware Config
Targets
-
-
Target
2024-05-21_fc36c39e8057cca8fd5d3de960069278_cryptolocker
-
Size
68KB
-
MD5
fc36c39e8057cca8fd5d3de960069278
-
SHA1
dee1c1019fa32460a7a7a95581dbb1c58b0db99e
-
SHA256
b7a1eeacba0002e50f4fced18f6875cd65d8da4c3941dd573545f18285bf967c
-
SHA512
660a07bd8b5e8f45a63452bf95d96079f1e0c9613d059f82fa8c67718d4dfa0ae01f2247fa9f731b7980b00df63c38e5f9303f8ea19dc3c8f99db3c1a26a36fa
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/d9:i5nkFGMOtEvwDpjNbwQEI8UZDH
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-