General
-
Target
2024-05-22_25edd43f54612e7e9f2ae024bb6dbbba_cryptolocker
-
Size
57KB
-
Sample
240522-3c6qgsda47
-
MD5
25edd43f54612e7e9f2ae024bb6dbbba
-
SHA1
4dd88058ad4829f9ec1ea22837b36915c10817c8
-
SHA256
ac3df1a34c08b948ba9ba59c29e8608007d1dd9ccf0edb13ec163c2f07274e7d
-
SHA512
9ad0753877984d603826da4c397c5f1f236ff493e838da3b356e1919c7d78e9b2fc7bbf6c5d4c9003430c7becbc7d5011261cacb93b46f6b90c5ea453acfb9d1
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyR:BbdDmjr+OtEvwDpjM+
Malware Config
Targets
-
-
Target
2024-05-22_25edd43f54612e7e9f2ae024bb6dbbba_cryptolocker
-
Size
57KB
-
MD5
25edd43f54612e7e9f2ae024bb6dbbba
-
SHA1
4dd88058ad4829f9ec1ea22837b36915c10817c8
-
SHA256
ac3df1a34c08b948ba9ba59c29e8608007d1dd9ccf0edb13ec163c2f07274e7d
-
SHA512
9ad0753877984d603826da4c397c5f1f236ff493e838da3b356e1919c7d78e9b2fc7bbf6c5d4c9003430c7becbc7d5011261cacb93b46f6b90c5ea453acfb9d1
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyR:BbdDmjr+OtEvwDpjM+
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-