General
Target: 2024-05-31_e225a19553bd5401f29173f24abdb5cf_cryptolocker
Size: 91KB
Sample: 240531-yflr9sah9y
MD5: e225a19553bd5401f29173f24abdb5cf
SHA1: 6a85d17f70b9a26f6119a126cfa8671d09ddb89a
SHA256: a5f8ea1ce76f5a5340d17a6445b4f14e426057d086a426aacd0c660f04639add
SHA512: 8dda0612ca176f7d84b31fe85a85a0631ee1d7ca3863041197b08f053f118e6d43512cd1990e817806076cbbeebf62e471fd309954ba3c1bbfcc159c163852fd
SSDEEP: 1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddAz:AnBdOOtEvwDpj6zo
Behavioral task: behavioral1
Sample: 2024-05-31_e225a19553bd5401f29173f24abdb5cf_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-31_e225a19553bd5401f29173f24abdb5cf_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-31_e225a19553bd5401f29173f24abdb5cf_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL