General
-
Target
2024-05-22_42196f885efef18f85dcab32a33aff58_cryptolocker
-
Size
64KB
-
Sample
240522-2dg8vabd49
-
MD5
42196f885efef18f85dcab32a33aff58
-
SHA1
d06590155eb68896a3e756daea2332d4c5a07995
-
SHA256
34f085caaac44c3e4da64f06aeaa0c96ff9788112f2425ed654c7e8be4743fdd
-
SHA512
a0dd8cdc275234327abe5d4b03b67bce85e9aae8cd9ee1319b6aeee794d1c4b068753565d4c2a59b7f678906c2baa20e3cd61426e3fc68301023804673b3ce5b
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiV:BbdDmjr+OtEvwDpjM8k
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-22_42196f885efef18f85dcab32a33aff58_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-22_42196f885efef18f85dcab32a33aff58_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-05-22_42196f885efef18f85dcab32a33aff58_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-