General
-
Target
2024-05-23_cfff8ff2f822f99920d97ae94a8d3e87_cryptolocker
-
Size
40KB
-
Sample
240523-a89g2aff65
-
MD5
cfff8ff2f822f99920d97ae94a8d3e87
-
SHA1
37df2aa4d6d2caebfa443cf61f6db7628f3a916d
-
SHA256
ae0c031d2ef7fc3d45398c0f06731471f87b9dfe18be8cd7f5ebde550c9f09cb
-
SHA512
b83e5fa125523d571fb33fcf20e618b1a1d02a827bc7176b6df325f6c91742479f43523e09dc374a838db5cdfc93b2825b5e8a8b160c8f87fc2f59189598ba6b
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBcF:qDdFJy3QMOtEvwDpjjWMl7Td+
Malware Config
Targets
-
-
Target
2024-05-23_cfff8ff2f822f99920d97ae94a8d3e87_cryptolocker
-
Size
40KB
-
MD5
cfff8ff2f822f99920d97ae94a8d3e87
-
SHA1
37df2aa4d6d2caebfa443cf61f6db7628f3a916d
-
SHA256
ae0c031d2ef7fc3d45398c0f06731471f87b9dfe18be8cd7f5ebde550c9f09cb
-
SHA512
b83e5fa125523d571fb33fcf20e618b1a1d02a827bc7176b6df325f6c91742479f43523e09dc374a838db5cdfc93b2825b5e8a8b160c8f87fc2f59189598ba6b
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYaBcF:qDdFJy3QMOtEvwDpjjWMl7Td+
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-