General
-
Target
2024-06-04_05adeaeeba564c2f66b1941521d0c466_cryptolocker
-
Size
44KB
-
Sample
240604-e1epxach7x
-
MD5
05adeaeeba564c2f66b1941521d0c466
-
SHA1
8dd5818c2926c78127e29dc1d1dba9d31890e4f4
-
SHA256
5af446dbe2d5de25ac5508a23661ae826de2e6942b98069540d3bc65be4e4ac7
-
SHA512
225b1656a8218e582f86a21c1462bae76b5a7045adc1f88e4407bacf3673507d08bdec05a2f3130c70a4c5c800e23156b357cf41c10973148f0ed1815291f263
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/aDi:6j+1NMOtEvwDpjrRV
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-04_05adeaeeba564c2f66b1941521d0c466_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-04_05adeaeeba564c2f66b1941521d0c466_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-04_05adeaeeba564c2f66b1941521d0c466_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-