General
-
Target
2024-05-22_5697328c6d213238f82802f53ef82030_cryptolocker
-
Size
69KB
-
Sample
240522-c2xwrshg5s
-
MD5
5697328c6d213238f82802f53ef82030
-
SHA1
e3ca4fdf48fa5169fa9d8785b2097cdc245864d5
-
SHA256
645e4c1d998c9eca863ed9dcdef81f624d680b38513cab93c76c2f5d4703ce94
-
SHA512
ecd75c6cf1dee23d4fd53a0314bacf7b9d9f6e969d0293fa8ab23407327282fabb55ee24449a308e028838f695844617162b4a6f8178e82756ba2cfa21f50db8
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pa:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAa
Malware Config
Targets
-
-
Target
2024-05-22_5697328c6d213238f82802f53ef82030_cryptolocker
-
Size
69KB
-
MD5
5697328c6d213238f82802f53ef82030
-
SHA1
e3ca4fdf48fa5169fa9d8785b2097cdc245864d5
-
SHA256
645e4c1d998c9eca863ed9dcdef81f624d680b38513cab93c76c2f5d4703ce94
-
SHA512
ecd75c6cf1dee23d4fd53a0314bacf7b9d9f6e969d0293fa8ab23407327282fabb55ee24449a308e028838f695844617162b4a6f8178e82756ba2cfa21f50db8
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pa:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAa
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-