General
Target: 2024-05-23_c260d6a4974c1c154c164fb1e0b4afe2_cryptolocker
Size: 75KB
Sample: 240523-3kvm7ade35
MD5: c260d6a4974c1c154c164fb1e0b4afe2
SHA1: 154c07bd86bb810a8eab63c93aba2a2ed01c35e3
SHA256: aa9caa19bb2a251db6db19267ff6de7f1a2940c0d96970c49267cf11cd49e11a
SHA512: 0827967b274bf0f4f0315ab4891d6c0c8e0e3feab40d0cfc5f7270e96b66b8f9934b787c3501e73729bc61038ef8c3390e6f0d785c35dd737269d1e902fb7610
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUPH:xj+VGMOtEvwDpjubwQEI8UPH
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-23_c260d6a4974c1c154c164fb1e0b4afe2_cryptolocker.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 2024-05-23_c260d6a4974c1c154c164fb1e0b4afe2_cryptolocker.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-05-23_c260d6a4974c1c154c164fb1e0b4afe2_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL