General
-
Target
2024-05-27_bc1de2f55d26266d9f4da5165539a9b2_cryptolocker
-
Size
48KB
-
Sample
240527-kcvzwaef37
-
MD5
bc1de2f55d26266d9f4da5165539a9b2
-
SHA1
df9ff41aba8707e8daf4f15c049067270b3f8165
-
SHA256
e0a8222b8d8dfa7d01b09657e86af0f4be03842e678ca7e46349acc63b0aba73
-
SHA512
f6e999d6887c06516a000afccf8925946626a0034d9e4a121c11ee0d8c8eb507870bddc144e4ed04dc46877d541e1aecd4727f0dbabd81e1431cfc5fc7a962ea
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhAEl:xj+VGMOtEvwDpjy+TRhxl
Malware Config
Targets
-
-
Target
2024-05-27_bc1de2f55d26266d9f4da5165539a9b2_cryptolocker
-
Size
48KB
-
MD5
bc1de2f55d26266d9f4da5165539a9b2
-
SHA1
df9ff41aba8707e8daf4f15c049067270b3f8165
-
SHA256
e0a8222b8d8dfa7d01b09657e86af0f4be03842e678ca7e46349acc63b0aba73
-
SHA512
f6e999d6887c06516a000afccf8925946626a0034d9e4a121c11ee0d8c8eb507870bddc144e4ed04dc46877d541e1aecd4727f0dbabd81e1431cfc5fc7a962ea
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhAEl:xj+VGMOtEvwDpjy+TRhxl
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-