General
Target: 2024-06-01_00578a389763b4f3fd97f0d9760d9fb8_cryptolocker
Size: 47KB
Sample: 240601-g5ftwadc66
MD5: 00578a389763b4f3fd97f0d9760d9fb8
SHA1: 3403564bb826f93a8ee30c5f4152846299cbebdb
SHA256: fd6ec3a62df2a274e853e9caeb6e75b8e2e3a9f8b280f93a50eaeb50e464d4f6
SHA512: fc322745fb7cd2607b77bb6af7088cd87489fdb82105328dbdfd2d08cb285aedfed641aedbb80f735b06e367376160587cadb6bc9a34abd207ffb0e42b706c83
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhZl/:xj+VGMOtEvwDpjy+TRhb/
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-01_00578a389763b4f3fd97f0d9760d9fb8_cryptolocker.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 2024-06-01_00578a389763b4f3fd97f0d9760d9fb8_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-06-01_00578a389763b4f3fd97f0d9760d9fb8_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL