General
-
Target
2024-05-23_1de9fc77cf17d5f48e581e60f85c6ce8_cryptolocker
-
Size
42KB
-
Sample
240523-cvx8ysad9t
-
MD5
1de9fc77cf17d5f48e581e60f85c6ce8
-
SHA1
a705a3ac88f85ced7c6d9dc7a6a765a159a31071
-
SHA256
ced836e39f0584c0b794a83a94e5fd4e9ad391725bd42926e07e1172d1d1bc6b
-
SHA512
b902cc967b4cbcfaf5f21804154fb5a4c2ec6c05db6666f0bf79ec05b6ee9ed35456a04adb186b7193a8d4ebd11abf17460cb35f711397b82a30b4151b349b69
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhK:i5nkFGMOtEvwDpjR+viHshN4
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_1de9fc77cf17d5f48e581e60f85c6ce8_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-23_1de9fc77cf17d5f48e581e60f85c6ce8_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2024-05-23_1de9fc77cf17d5f48e581e60f85c6ce8_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-