General
-
Target
2024-05-23_bf33dc67557031625b660590e3d985e9_cryptolocker
-
Size
102KB
-
Sample
240523-wx4cjabf28
-
MD5
bf33dc67557031625b660590e3d985e9
-
SHA1
b9b3a3518cc20990d2c7156f109f5bfd022ef53a
-
SHA256
ee1682d3e45b2864dea6a8de5d6904f4e8549fdd16f2bcb5e72954d05e19a9c6
-
SHA512
c7c67308c1f21c9febf6fa6b61dc8af006b7585ae59b98a2f15c0d3e5e0f06791445021ddb6d1dc887e0f7f493dc12cb1d1d5e59dcb388582bd42a16537cb512
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpwqWsviPeBc6:AnBdOOtEvwDpj6z4
Malware Config
Targets
-
-
Target
2024-05-23_bf33dc67557031625b660590e3d985e9_cryptolocker
-
Size
102KB
-
MD5
bf33dc67557031625b660590e3d985e9
-
SHA1
b9b3a3518cc20990d2c7156f109f5bfd022ef53a
-
SHA256
ee1682d3e45b2864dea6a8de5d6904f4e8549fdd16f2bcb5e72954d05e19a9c6
-
SHA512
c7c67308c1f21c9febf6fa6b61dc8af006b7585ae59b98a2f15c0d3e5e0f06791445021ddb6d1dc887e0f7f493dc12cb1d1d5e59dcb388582bd42a16537cb512
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpwqWsviPeBc6:AnBdOOtEvwDpj6z4
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-