General
-
Target
2024-05-22_7586af0b27c2facefbeb740da435ede3_cryptolocker
-
Size
39KB
-
Sample
240522-yphrzaed21
-
MD5
7586af0b27c2facefbeb740da435ede3
-
SHA1
97b32764e22e1deb11080ecbc60ec7d2e6736c0c
-
SHA256
1b35844d6d9a7478662ced47a32880881429099188c37a157e72af312028c659
-
SHA512
6becb201136c3f4029346fd346b0c63e56d684e16081638210cc3c6c8fde1c3bd1fcee77c180b226d02e564713f49ffd42fe582d9237141a10371564d0d7aef9
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaaUr:qDdFJy3QMOtEvwDpjjWMl7TdaUr
Malware Config
Targets
-
-
Target
2024-05-22_7586af0b27c2facefbeb740da435ede3_cryptolocker
-
Size
39KB
-
MD5
7586af0b27c2facefbeb740da435ede3
-
SHA1
97b32764e22e1deb11080ecbc60ec7d2e6736c0c
-
SHA256
1b35844d6d9a7478662ced47a32880881429099188c37a157e72af312028c659
-
SHA512
6becb201136c3f4029346fd346b0c63e56d684e16081638210cc3c6c8fde1c3bd1fcee77c180b226d02e564713f49ffd42fe582d9237141a10371564d0d7aef9
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaaUr:qDdFJy3QMOtEvwDpjjWMl7TdaUr
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-