General
-
Target
2024-05-23_d96964648e89e0a9ab36ab7ca98ec377_cryptolocker
-
Size
39KB
-
Sample
240523-bagj2afg29
-
MD5
d96964648e89e0a9ab36ab7ca98ec377
-
SHA1
b1a932828d1081e5aba1c2a4ce478e8a7480f565
-
SHA256
b85c4af5ca96216a701c1562fac0d8215f1840bc29c1c8b742a07c9c6402ce93
-
SHA512
9bb5803454cf4a4ee927cebd8372d26a9849b46942af90c00a1d7d16546375eae35a6a51b8a5ef244edc07ab03afc66685ccc9f10b081d03af21f0201412901b
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYlQ:qDdFJy3QMOtEvwDpjjWMl7T6Q
Malware Config
Targets
-
-
Target
2024-05-23_d96964648e89e0a9ab36ab7ca98ec377_cryptolocker
-
Size
39KB
-
MD5
d96964648e89e0a9ab36ab7ca98ec377
-
SHA1
b1a932828d1081e5aba1c2a4ce478e8a7480f565
-
SHA256
b85c4af5ca96216a701c1562fac0d8215f1840bc29c1c8b742a07c9c6402ce93
-
SHA512
9bb5803454cf4a4ee927cebd8372d26a9849b46942af90c00a1d7d16546375eae35a6a51b8a5ef244edc07ab03afc66685ccc9f10b081d03af21f0201412901b
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYlQ:qDdFJy3QMOtEvwDpjjWMl7T6Q
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-