General
-
Target
2024-05-31_6540684a3424ce6f807ccc7e57a265bc_cryptolocker
-
Size
95KB
-
Sample
240531-x8rnjsbd43
-
MD5
6540684a3424ce6f807ccc7e57a265bc
-
SHA1
a1bab68286adc425c4aa64ef3394e846d9dff816
-
SHA256
360246b50ab9c231fb18b625b768fce768aa5e8303d773e9c033f17bda2bfedc
-
SHA512
2ecfb9d523e5a9d3b936f47083e1dc028f21c11cb0a2314c2325be1d370fa112c529edaebb0f9ed17cbbf34c7fc2d29c2b94a03093d89b1a8522c24061c9e16b
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/kn:zCsanOtEvwDpjB8
Behavioral task
behavioral1
Sample
2024-05-31_6540684a3424ce6f807ccc7e57a265bc_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-31_6540684a3424ce6f807ccc7e57a265bc_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
2024-05-31_6540684a3424ce6f807ccc7e57a265bc_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-