General
-
Target
2024-06-08_370ef8eb22d34d72d4c79c5da7c8b0d9_cryptolocker
-
Size
70KB
-
Sample
240608-d39sdshc87
-
MD5
370ef8eb22d34d72d4c79c5da7c8b0d9
-
SHA1
52bc5a6be960390aacb11cca8473b479562d56c7
-
SHA256
c59e380885c921a2ebcff773e585dd8c66e01dcf5a0d23966303a4e258450f85
-
SHA512
ff3fa78d53da8e4ae0c29e89b2d358f746cf4a30f9a715dd4585a02efe7db7a0bccfa0b00c77b86bc7bfa9ecf3dbea857ef8829a715b32be925278587691cb28
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUNsYD/d8XnFZ:i5nkFGMOtEvwDpjNbwQEI8UZDe3z
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-08_370ef8eb22d34d72d4c79c5da7c8b0d9_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-06-08_370ef8eb22d34d72d4c79c5da7c8b0d9_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-06-08_370ef8eb22d34d72d4c79c5da7c8b0d9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-