General
-
Target
099e42db09df259b5a9b170b08e0b7667f677e87bbe2f19edea3615f09a7d759
-
Size
69KB
-
Sample
240525-w4s55sde5x
-
MD5
56afab560134b74a4d846efc624c82fc
-
SHA1
882211287468aeedbfd330488824daf6c248a222
-
SHA256
099e42db09df259b5a9b170b08e0b7667f677e87bbe2f19edea3615f09a7d759
-
SHA512
3a52b5187df2d499abc9b16fc3f864afdd3e8e1a123f5cb46dcf6e48584c27cc87d505fe7a77f216cd86ce9478785e02c40899f0f580f9ed7272d2f083ea211d
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/dB:i5nkFGMOtEvwDpjNbwQEI8UZDL
Malware Config
Targets
-
-
Target
099e42db09df259b5a9b170b08e0b7667f677e87bbe2f19edea3615f09a7d759
-
Size
69KB
-
MD5
56afab560134b74a4d846efc624c82fc
-
SHA1
882211287468aeedbfd330488824daf6c248a222
-
SHA256
099e42db09df259b5a9b170b08e0b7667f677e87bbe2f19edea3615f09a7d759
-
SHA512
3a52b5187df2d499abc9b16fc3f864afdd3e8e1a123f5cb46dcf6e48584c27cc87d505fe7a77f216cd86ce9478785e02c40899f0f580f9ed7272d2f083ea211d
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/dB:i5nkFGMOtEvwDpjNbwQEI8UZDL
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-