General
-
Target
2024-05-25_33d65d21a01a6f3261c2e5ea1bcfc4f8_cryptolocker
-
Size
62KB
-
Sample
240525-2tms9sdd7v
-
MD5
33d65d21a01a6f3261c2e5ea1bcfc4f8
-
SHA1
73aae12177aed6ddeace0e8524c1895879d492a6
-
SHA256
27ce3426a3f0af9df8a3c1689f609e114ca66ecd2d3b34eb74f71a1e9fdfc46a
-
SHA512
f35676e23672e4da32b419f1bf29dc999ae1eaff84e8184b5d792bc216c5f29833752255f00f9241d2dd5b0ca2b0409cc42e714f4c9c504f3d7c9ff641117117
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwD4:xj+VGMOtEvwDpjubEgywk
Malware Config
Targets
-
-
Target
2024-05-25_33d65d21a01a6f3261c2e5ea1bcfc4f8_cryptolocker
-
Size
62KB
-
MD5
33d65d21a01a6f3261c2e5ea1bcfc4f8
-
SHA1
73aae12177aed6ddeace0e8524c1895879d492a6
-
SHA256
27ce3426a3f0af9df8a3c1689f609e114ca66ecd2d3b34eb74f71a1e9fdfc46a
-
SHA512
f35676e23672e4da32b419f1bf29dc999ae1eaff84e8184b5d792bc216c5f29833752255f00f9241d2dd5b0ca2b0409cc42e714f4c9c504f3d7c9ff641117117
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwD4:xj+VGMOtEvwDpjubEgywk
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-