General
-
Target
2024-05-24_f85f8aed872b9d76f6e2f7d13fdc4efd_cryptolocker
-
Size
64KB
-
Sample
240524-etpljacg7z
-
MD5
f85f8aed872b9d76f6e2f7d13fdc4efd
-
SHA1
1b4a3e25ab17d8c94012a56f9e141075deb60f98
-
SHA256
40792b9e867a73eccb2a5dd7b069608c1b33c31755ee310b0b27f6f13e214b62
-
SHA512
abb5390c5bf3e90cb5082d3416194818da6169ddf4f6532c291978c263cd447d8891a3af1f6b7381cba05429330d4d4288b8ef5e562092a1f62c37c9138b9826
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xK:1nK6a+qdOOtEvwDpjA
Malware Config
Targets
-
-
Target
2024-05-24_f85f8aed872b9d76f6e2f7d13fdc4efd_cryptolocker
-
Size
64KB
-
MD5
f85f8aed872b9d76f6e2f7d13fdc4efd
-
SHA1
1b4a3e25ab17d8c94012a56f9e141075deb60f98
-
SHA256
40792b9e867a73eccb2a5dd7b069608c1b33c31755ee310b0b27f6f13e214b62
-
SHA512
abb5390c5bf3e90cb5082d3416194818da6169ddf4f6532c291978c263cd447d8891a3af1f6b7381cba05429330d4d4288b8ef5e562092a1f62c37c9138b9826
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xK:1nK6a+qdOOtEvwDpjA
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-