General
Target: 2024-05-27_3978d354be573ec78a9604d7f5394980_cryptolocker
Size: 42KB
Sample: 240527-btke2acc64
MD5: 3978d354be573ec78a9604d7f5394980
SHA1: 96edeaa80d22493624c82015311ba7f59ce5b4e9
SHA256: 324dfe3c9a0a8fab45e2690c65ffa93804ea9f815d7a2e71b5c4a3f200c10cf7
SHA512: 18abf624301c6d70a14c3215ff6155af3a323783d6b39a4742a146c3f74506a9d9e5922e49eab7747241b890df2e8de771b2dadc7be2301f5b8b7b5873a15ad1
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhfD:i5nkFGMOtEvwDpjR+viHshN5D
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-27_3978d354be573ec78a9604d7f5394980_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-27_3978d354be573ec78a9604d7f5394980_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-05-27_3978d354be573ec78a9604d7f5394980_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL