General
Target: 2024-05-21_22d72ade895345f95f8ad39e4f31ab83_cryptolocker
Size: 57KB
Sample: 240521-x42b7afh91
MD5: 22d72ade895345f95f8ad39e4f31ab83
SHA1: 509fa90949890c94c0456666e092e7e257bad0fb
SHA256: d0734449bce81a136eb3318af878815aeb56c9460a316e3d1fa1897b8c3a78c5
SHA512: 1cd75d40597b585cc65065a334efc750c266ed0780902a61444d5049e22a3170115f43e95c53b6d3ac99fa497c709180b3c72e4c86a4905bc42c00b165f86ee7
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e6f:6j+1NMOtEvwDpjr8oxExe6f
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-21_22d72ade895345f95f8ad39e4f31ab83_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-21_22d72ade895345f95f8ad39e4f31ab83_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-05-21_22d72ade895345f95f8ad39e4f31ab83_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL