General
-
Target
2024-05-22_ad478df1fa4bfd1ad9514e5fb8eb2360_cryptolocker
-
Size
52KB
-
Sample
240522-crcg3shd2w
-
MD5
ad478df1fa4bfd1ad9514e5fb8eb2360
-
SHA1
d7be79151ae830b853a8e3e67683d3d26ffddd88
-
SHA256
7c34455a41f96525ae68e7a1009e41a6daba13147b8296efbf398d2b085cd80a
-
SHA512
da64ca6f7da6293e568d9913d1eb1aecdad2efdd5dba396655729f5492f5a86b0311f4fcb6ad0021706c69db49b212cb5bb467ea34f176b3771d93592e7e838f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRY+iyys:6j+1NMOtEvwDpjr8hhXy+iyys
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-22_ad478df1fa4bfd1ad9514e5fb8eb2360_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-22_ad478df1fa4bfd1ad9514e5fb8eb2360_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
2024-05-22_ad478df1fa4bfd1ad9514e5fb8eb2360_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-