General
Target: 2024-05-29_882101a1ceb5ead8c24a348800c4c429_cryptolocker
Size: 96KB
Sample: 240529-xwf2aafd92
MD5: 882101a1ceb5ead8c24a348800c4c429
SHA1: 1f18ed436031d2ae66480f1d918e4e74a24ea022
SHA256: 82ba14f4cd2b1ae11756a34b055c67b8f4d398bef71b471ed8f393bb763d5b83
SHA512: 6018306bd92f16e2bba7104b800387551d05c594366d27612a4a9b3d9b4b31152c40b69597f899d99929c89ee1434590f582513b99f45c0a183027e478e8dd53
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvAcc:xj+VGMOtEvwDpjubwQEI8UtzNcO8Acc
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-29_882101a1ceb5ead8c24a348800c4c429_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-29_882101a1ceb5ead8c24a348800c4c429_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-05-29_882101a1ceb5ead8c24a348800c4c429_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL