General
-
Target
2024-05-22_91c65c9b006f46ec32287245f1a960e3_cryptolocker
-
Size
39KB
-
Sample
240522-1qdwhsac63
-
MD5
91c65c9b006f46ec32287245f1a960e3
-
SHA1
11d4836701c1bdf83da6be304eb76cb65832e9a2
-
SHA256
4842051ba357bdab91d79740c3c8c4d81d6badda3ba38ad03cb53baeab4ea9f8
-
SHA512
191e49aef0bb0fdeffa23a21be08bd62c3f2a89248b4f65117330c0b646e49bb1600898136e94441e66927a0078b5ec86412b48d545be9dd782b6a9fba88a563
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan8l2y:qDdFJy3QMOtEvwDpjjWMl7Tdn83
Malware Config
Targets
-
-
Target
2024-05-22_91c65c9b006f46ec32287245f1a960e3_cryptolocker
-
Size
39KB
-
MD5
91c65c9b006f46ec32287245f1a960e3
-
SHA1
11d4836701c1bdf83da6be304eb76cb65832e9a2
-
SHA256
4842051ba357bdab91d79740c3c8c4d81d6badda3ba38ad03cb53baeab4ea9f8
-
SHA512
191e49aef0bb0fdeffa23a21be08bd62c3f2a89248b4f65117330c0b646e49bb1600898136e94441e66927a0078b5ec86412b48d545be9dd782b6a9fba88a563
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan8l2y:qDdFJy3QMOtEvwDpjjWMl7Tdn83
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-