General
-
Target
2024-05-27_1b04747509b21e95a24e7ed3d7599953_cryptolocker
-
Size
69KB
-
Sample
240527-2py1qsdh86
-
MD5
1b04747509b21e95a24e7ed3d7599953
-
SHA1
7ef652c3ac6f010d505e7ab3f28e9868204c45dd
-
SHA256
0061721574c8d05fda93457898d3384c690bf245c14b6d4e03fb1513729b1cca
-
SHA512
f02eab55eb37c7ea01eb3917639ffe7ee163bae538b24d5ca792584ea719ae55c5d3b4b5be46a4301a2f96989da6e1e857d9b299786972a06d4c873c2c758ea3
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1PD:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAD
Behavioral task
behavioral1
Sample
2024-05-27_1b04747509b21e95a24e7ed3d7599953_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-27_1b04747509b21e95a24e7ed3d7599953_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-27_1b04747509b21e95a24e7ed3d7599953_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-