General
-
Target
2024-06-06_20c7f088b9150472d39c86beb6684083_cryptolocker
-
Size
58KB
-
Sample
240606-3djbksde5t
-
MD5
20c7f088b9150472d39c86beb6684083
-
SHA1
579f924b90ceeda67c4c1d4cd7276cad29a377dd
-
SHA256
f230b6b3dfc54af0afdf057175ed09ce2dee4fac8b1697f0f08eabfa9823c68a
-
SHA512
1cfa21fce3e7047958901fe0f5403b989a9caf3ff61f9d59028c658ffcbc4d6349ded5535f764df1def9ecea6c85a17c39a2799652e271e980dc5a3252a158df
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e4E:6j+1NMOtEvwDpjr8oxExe4E
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-06_20c7f088b9150472d39c86beb6684083_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-06-06_20c7f088b9150472d39c86beb6684083_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-06_20c7f088b9150472d39c86beb6684083_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-