General
-
Target
2024-05-22_fd671b57d21de1c29afdc2ecbaf47539_cryptolocker
-
Size
80KB
-
Sample
240522-deacmaaa99
-
MD5
fd671b57d21de1c29afdc2ecbaf47539
-
SHA1
146f092f96193838799e90889766850b79a6723f
-
SHA256
8ebad57fc16d17ed735b74012aeba6512af20ecae4163862f0b7f8646631766d
-
SHA512
7d08ea168e87ec0d6d3baa493baff579ea2b59aee804d3789f5979b24f969eb1b143e6adc6fd94e5a707fee244883c19688c687e868f33bb8076d813f6f8b4fd
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qx:zCsanOtEvwDpjV
Malware Config
Targets
-
-
Target
2024-05-22_fd671b57d21de1c29afdc2ecbaf47539_cryptolocker
-
Size
80KB
-
MD5
fd671b57d21de1c29afdc2ecbaf47539
-
SHA1
146f092f96193838799e90889766850b79a6723f
-
SHA256
8ebad57fc16d17ed735b74012aeba6512af20ecae4163862f0b7f8646631766d
-
SHA512
7d08ea168e87ec0d6d3baa493baff579ea2b59aee804d3789f5979b24f969eb1b143e6adc6fd94e5a707fee244883c19688c687e868f33bb8076d813f6f8b4fd
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qx:zCsanOtEvwDpjV
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-