General
Target: 2024-06-01_6655daa7307b0eea2da47ed00a251816_cryptolocker
Size: 47KB
Sample: 240601-d8pz6shc68
MD5: 6655daa7307b0eea2da47ed00a251816
SHA1: ebe9828bd2cc39b57853fa69149757255ecf345e
SHA256: d2c0381a7aec70f25b599f23d74e3d34802a84679da0d63987e5b150f4fe2544
SHA512: 5106eaebf561f53fb01f9e9ff465282376220385a38ae8d6791e8b83ad85ce0b82622ae52740460db41acc157956ae9895245b0ddabd8bfb49605dc3fbccf655
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhv:xj+VGMOtEvwDpjy+TRhv
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-01_6655daa7307b0eea2da47ed00a251816_cryptolocker.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-06-01_6655daa7307b0eea2da47ed00a251816_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-01_6655daa7307b0eea2da47ed00a251816_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL