General
Target: 2024-06-04_78b91176e69dc126d5de48e2562574f7_cryptolocker
Size: 60KB
Sample: 240604-vw7swsdg8w
MD5: 78b91176e69dc126d5de48e2562574f7
SHA1: 813df889df3d8695b7f6706046aeb079c8f0c36e
SHA256: 83d4939affd607abf19156fc5e21471c590ad531657aa277f90c1624961468af
SHA512: fee28f304909e4f7f528a613a839941c1725c746efea641d61e0dbd468e81f56e9f1078bedcb2f3e1dcfec2e01474655c71c88b082178f6578483ef0efc30bb2
SSDEEP: 768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6pn:H6QFElP6n+gou9cvMOtEvwDpjCpVX5
Behavioral task: behavioral1
Sample: 2024-06-04_78b91176e69dc126d5de48e2562574f7_cryptolocker.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-06-04_78b91176e69dc126d5de48e2562574f7_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL