General
Target: 2024-05-22_0f626439dff84860ed862edd6f7645e4_cryptolocker
Size: 94KB
Sample: 240522-cvd53shc82
MD5: 0f626439dff84860ed862edd6f7645e4
SHA1: 4dee12b180f034f38613d213c957ffdead40e3ee
SHA256: 1301fc7d5be07b44a40502b6ed25b82e789eeaeb93968c8999b2af4439582915
SHA512: c1aa7e6f27d32c5aea8d36684d68610f4f4e3acab58f63b55b9603aa9b3867962a873b9cb10071878e5a51e63e6c9ce163757a39ef3a9f568d537ddbb4d98ff9
SSDEEP: 1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/kG:zCsanOtEvwDpjBh
Behavioral task: behavioral1
Sample: 2024-05-22_0f626439dff84860ed862edd6f7645e4_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-22_0f626439dff84860ed862edd6f7645e4_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-22_0f626439dff84860ed862edd6f7645e4_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL