General
-
Target
2024-05-25_bc0a2f32100db4c18350a5ca491a233d_cryptolocker
-
Size
44KB
-
Sample
240525-gd2l9sgb71
-
MD5
bc0a2f32100db4c18350a5ca491a233d
-
SHA1
6e1fa236dbcae11d406c2638a5e7214f0645d043
-
SHA256
2132253f8faa8cc57b92ea37a84b78ad8fb993ccdcf13c4cfac1e250d7cdd6af
-
SHA512
246a3b1bcce1d74316f2917bc4ec2971aa224c9c8b8f977d643bbe434fd7572e66124202e8dcc0fcd97279ef327e1d250c2157b00c57f113a90a461413514c12
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/CtXabM0D7:6j+1NMOtEvwDpjrR2XabMQ7
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-25_bc0a2f32100db4c18350a5ca491a233d_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-25_bc0a2f32100db4c18350a5ca491a233d_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-05-25_bc0a2f32100db4c18350a5ca491a233d_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-