General
-
Target
2024-05-27_c7621d2226eee0117060e7778a9fe1fa_cryptolocker
-
Size
44KB
-
Sample
240527-vdwynsbg83
-
MD5
c7621d2226eee0117060e7778a9fe1fa
-
SHA1
79b2912849f13f4ab6c35d6fbf068d61b8312a03
-
SHA256
fbb61a0075030f20f224a8d965c7a17581fd889b94c025dea7fa41dfe24b71e2
-
SHA512
d9451b092306a49482b64f02d2bc08f70e902456d31dcf86b3f1c0ffa492028265fef8ac96bccddf3595c47303f01c50797399f4b7717e395bcd7b4481dfe0ec
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMDS:6j+1NMOtEvwDpjrRrm
Malware Config
Targets
-
-
Target
2024-05-27_c7621d2226eee0117060e7778a9fe1fa_cryptolocker
-
Size
44KB
-
MD5
c7621d2226eee0117060e7778a9fe1fa
-
SHA1
79b2912849f13f4ab6c35d6fbf068d61b8312a03
-
SHA256
fbb61a0075030f20f224a8d965c7a17581fd889b94c025dea7fa41dfe24b71e2
-
SHA512
d9451b092306a49482b64f02d2bc08f70e902456d31dcf86b3f1c0ffa492028265fef8ac96bccddf3595c47303f01c50797399f4b7717e395bcd7b4481dfe0ec
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMDS:6j+1NMOtEvwDpjrRrm
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-