General
-
Target
2024-05-26_1d3366c51279f193a27882d3469ee432_cryptolocker
-
Size
42KB
-
Sample
240526-z8jztadd46
-
MD5
1d3366c51279f193a27882d3469ee432
-
SHA1
76f828a60a8f0ac3b767db60b6a7333c8c23d81c
-
SHA256
26ca0dc74975b768c6180561acb2d1533b9b5eca9d14991e7cb32c8b14d7a874
-
SHA512
cc9f57b3be0eff0bc002fa54702a8cb31eba807618cd512bc933ba0326807d4c8ad311ce865d5dda77f250e35c90ea640ae54caf284aa61c26f8a85f1c6f9bd1
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhfB:i5nkFGMOtEvwDpjR+viHshN5B
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-26_1d3366c51279f193a27882d3469ee432_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-26_1d3366c51279f193a27882d3469ee432_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-26_1d3366c51279f193a27882d3469ee432_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-