General
-
Target
2024-05-22_51b3ace264e2e4dd52c958d4d30fc206_cryptolocker
-
Size
66KB
-
Sample
240522-yllpfsed45
-
MD5
51b3ace264e2e4dd52c958d4d30fc206
-
SHA1
3bc0e98ce4871074df61a4aaff0eb33bd3f6f33d
-
SHA256
17005eb35cd8421740505643b6280268f850e6e23a2026e1d10afdf167a814b3
-
SHA512
87258cf1b1d1e5614b11d06e21738ea7c7b235635eb07da44e8ad50bbea90b5a13a0000ef8eb26c93e784c6f2222028310725878fa16bad4bca2a98bc7220fbf
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYibAoQRL:1nK6a+qdOOtEvwDpjC
Malware Config
Targets
-
-
Target
2024-05-22_51b3ace264e2e4dd52c958d4d30fc206_cryptolocker
-
Size
66KB
-
MD5
51b3ace264e2e4dd52c958d4d30fc206
-
SHA1
3bc0e98ce4871074df61a4aaff0eb33bd3f6f33d
-
SHA256
17005eb35cd8421740505643b6280268f850e6e23a2026e1d10afdf167a814b3
-
SHA512
87258cf1b1d1e5614b11d06e21738ea7c7b235635eb07da44e8ad50bbea90b5a13a0000ef8eb26c93e784c6f2222028310725878fa16bad4bca2a98bc7220fbf
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYibAoQRL:1nK6a+qdOOtEvwDpjC
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-