General
-
Target
2024-05-24_ab6fe2cf16d93fe341dc6b98f3a56610_cryptolocker
-
Size
43KB
-
Sample
240524-2nzwmsea53
-
MD5
ab6fe2cf16d93fe341dc6b98f3a56610
-
SHA1
bd1dcc6f4c8fe55e58df529e965285df1fde70f0
-
SHA256
6aa08fd77274b2f93bf1e6fc9af48534032960c013467d77d237c765bd378405
-
SHA512
c4d9657d1c54727ee2184900cb50c47811b35f0211f076cd8444df8d1324cfb19a761fa476630e839ae183c803284eda77652ff8be1b813c92495732161321bf
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CtXabM0h:6j+1NMOtEvwDpjrR2XabMu
Malware Config
Targets
-
-
Target
2024-05-24_ab6fe2cf16d93fe341dc6b98f3a56610_cryptolocker
-
Size
43KB
-
MD5
ab6fe2cf16d93fe341dc6b98f3a56610
-
SHA1
bd1dcc6f4c8fe55e58df529e965285df1fde70f0
-
SHA256
6aa08fd77274b2f93bf1e6fc9af48534032960c013467d77d237c765bd378405
-
SHA512
c4d9657d1c54727ee2184900cb50c47811b35f0211f076cd8444df8d1324cfb19a761fa476630e839ae183c803284eda77652ff8be1b813c92495732161321bf
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CtXabM0h:6j+1NMOtEvwDpjrR2XabMu
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-