General
-
Target
2024-05-22_99d56d1d3eaf8e33d943df9b696d4274_cryptolocker
-
Size
79KB
-
Sample
240522-c6hmmshg39
-
MD5
99d56d1d3eaf8e33d943df9b696d4274
-
SHA1
6d1b3625e7f39ae4da8b533dc815b5be108aba34
-
SHA256
acb9e1c23f0b66d30d0a52ad30cf299748bad4c80ae53840d324bd1da31bf620
-
SHA512
e068e76fc4c3677574d43638c51d8ce9c1b262fef91828e52577f55a4f5f5069eb5101200d3059f73701daf0c3de18bfabcfc486c95d271865ac67e9202c891b
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdJcRP:T6a+rdOOtEvwDpjNtO
Malware Config
Targets
-
-
Target
2024-05-22_99d56d1d3eaf8e33d943df9b696d4274_cryptolocker
-
Size
79KB
-
MD5
99d56d1d3eaf8e33d943df9b696d4274
-
SHA1
6d1b3625e7f39ae4da8b533dc815b5be108aba34
-
SHA256
acb9e1c23f0b66d30d0a52ad30cf299748bad4c80ae53840d324bd1da31bf620
-
SHA512
e068e76fc4c3677574d43638c51d8ce9c1b262fef91828e52577f55a4f5f5069eb5101200d3059f73701daf0c3de18bfabcfc486c95d271865ac67e9202c891b
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdJcRP:T6a+rdOOtEvwDpjNtO
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-