General
-
Target
2024-05-21_d491d527c7789f691ebc0052e161a940_cryptolocker
-
Size
46KB
-
Sample
240521-ydtebsgc63
-
MD5
d491d527c7789f691ebc0052e161a940
-
SHA1
4827caa359d452392d12230377ff93bbacbf8122
-
SHA256
db5dac3193c73835fd7bf0d4ad2d921a7eddd3d2bfb3dd61a435b9903fee08c0
-
SHA512
7745b59ef40695ce17c041501e2ab2755083bfca1e2408bba716afa51f1afdb4c5e4fd455d96276b2402c649fc32e77c7078c25a004b5dde1e93f465fb3f8fc0
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoLm:qmbhXDmjr5MOtEvwDpj5cDtKkQZQg
Malware Config
Targets
-
-
Target
2024-05-21_d491d527c7789f691ebc0052e161a940_cryptolocker
-
Size
46KB
-
MD5
d491d527c7789f691ebc0052e161a940
-
SHA1
4827caa359d452392d12230377ff93bbacbf8122
-
SHA256
db5dac3193c73835fd7bf0d4ad2d921a7eddd3d2bfb3dd61a435b9903fee08c0
-
SHA512
7745b59ef40695ce17c041501e2ab2755083bfca1e2408bba716afa51f1afdb4c5e4fd455d96276b2402c649fc32e77c7078c25a004b5dde1e93f465fb3f8fc0
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoLm:qmbhXDmjr5MOtEvwDpj5cDtKkQZQg
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-