General
-
Target
2024-05-23_a14971857ddb76929a2813a9dd417b69_cryptolocker
-
Size
55KB
-
Sample
240523-c37glaah3w
-
MD5
a14971857ddb76929a2813a9dd417b69
-
SHA1
0f177cc3affc13687e109acd8ac0aab8a70cdd12
-
SHA256
b2e4c0bf5300551384617ac57f2d526ed7950d55bf507009fd78559b48da1fb2
-
SHA512
e8ba2dec0c7ea79af86534719d16c2058492e2964c600ceaeef59bc4daba2dc08d57ff3ffd68609566aa0261bd8ba46e0db23a2183c550c5be6c209c9d0055fe
-
SSDEEP
768:lQz7yVEhs9+4uR1bytOOtEvwDpjWfbP/bmq:lj+VGMOtEvwDpjubXbmq
Malware Config
Targets
-
-
Target
2024-05-23_a14971857ddb76929a2813a9dd417b69_cryptolocker
-
Size
55KB
-
MD5
a14971857ddb76929a2813a9dd417b69
-
SHA1
0f177cc3affc13687e109acd8ac0aab8a70cdd12
-
SHA256
b2e4c0bf5300551384617ac57f2d526ed7950d55bf507009fd78559b48da1fb2
-
SHA512
e8ba2dec0c7ea79af86534719d16c2058492e2964c600ceaeef59bc4daba2dc08d57ff3ffd68609566aa0261bd8ba46e0db23a2183c550c5be6c209c9d0055fe
-
SSDEEP
768:lQz7yVEhs9+4uR1bytOOtEvwDpjWfbP/bmq:lj+VGMOtEvwDpjubXbmq
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-