General
-
Target
2024-05-29_38acbaea0e97bd3e4594ec9406ec3b97_cryptolocker
-
Size
45KB
-
Sample
240529-g9vtlaec32
-
MD5
38acbaea0e97bd3e4594ec9406ec3b97
-
SHA1
26e32e59a77cbb1391e997a303d785b63318fc9c
-
SHA256
c7adcdaa3ae2be704d3408e54c30969f149bc2ea7624b7863dcc16fc0f39e74d
-
SHA512
9a14e42f9e645d5597539a95755148ae0c509a8f30340d3fc6e2595aa7d2f9926ac0ea687226e0af53569159d36b5de4e37353513070213f9fdae1b7f7c370e0
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aMDA:6j+1NMOtEvwDpjrRrs
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-29_38acbaea0e97bd3e4594ec9406ec3b97_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-29_38acbaea0e97bd3e4594ec9406ec3b97_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-29_38acbaea0e97bd3e4594ec9406ec3b97_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-