General
-
Target
2024-06-08_e7ca1c48b7765b3b42487307fc9a69e2_cryptolocker
-
Size
47KB
-
Sample
240608-emgbkshf68
-
MD5
e7ca1c48b7765b3b42487307fc9a69e2
-
SHA1
105c529c42e86db3b7e08a0443d5d8066a61dad1
-
SHA256
38e51cb6f45035f3476780d726fe058e588cc32a74a1d9427ac7ad53794036c9
-
SHA512
a21b6d39aa7b3e5fd925d552aa34f07683d6d8cad155482aba17370a77d00ffd2ee05d7e657455d63d8d7a5e37ce5cf21a540ba37c8c6d3ac92dd060ef7e56d1
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhI:xj+VGMOtEvwDpjy+TRhI
Malware Config
Targets
-
-
Target
2024-06-08_e7ca1c48b7765b3b42487307fc9a69e2_cryptolocker
-
Size
47KB
-
MD5
e7ca1c48b7765b3b42487307fc9a69e2
-
SHA1
105c529c42e86db3b7e08a0443d5d8066a61dad1
-
SHA256
38e51cb6f45035f3476780d726fe058e588cc32a74a1d9427ac7ad53794036c9
-
SHA512
a21b6d39aa7b3e5fd925d552aa34f07683d6d8cad155482aba17370a77d00ffd2ee05d7e657455d63d8d7a5e37ce5cf21a540ba37c8c6d3ac92dd060ef7e56d1
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhI:xj+VGMOtEvwDpjy+TRhI
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-