General
-
Target
2024-05-26_03d12636f5052f8efd36b07d324cffc7_cryptolocker
-
Size
44KB
-
Sample
240526-ssfh5abh25
-
MD5
03d12636f5052f8efd36b07d324cffc7
-
SHA1
60e4dbe608bf8c65a6e55db513446ff609d96bd8
-
SHA256
eba7909c2548d4176a1571f2f81c1d4e15092cb8954d5e00b1d5f95556d41bc5
-
SHA512
897e617685987edf964ab1fb4f4ffbadbfc43272e6ebdccbfb2a13bc881d66b4852a5ef0419ef6b99209203e63c55bcd2e2d45cdac538b79fabf2cae571e0fab
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMD9:6j+1NMOtEvwDpjrRrx
Malware Config
Targets
-
-
Target
2024-05-26_03d12636f5052f8efd36b07d324cffc7_cryptolocker
-
Size
44KB
-
MD5
03d12636f5052f8efd36b07d324cffc7
-
SHA1
60e4dbe608bf8c65a6e55db513446ff609d96bd8
-
SHA256
eba7909c2548d4176a1571f2f81c1d4e15092cb8954d5e00b1d5f95556d41bc5
-
SHA512
897e617685987edf964ab1fb4f4ffbadbfc43272e6ebdccbfb2a13bc881d66b4852a5ef0419ef6b99209203e63c55bcd2e2d45cdac538b79fabf2cae571e0fab
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMD9:6j+1NMOtEvwDpjrRrx
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-