General
-
Target
2024-06-08_2017dc51f7b433ca85d19b4da9e13186_cryptolocker
-
Size
45KB
-
Sample
240608-xg6y6aef5x
-
MD5
2017dc51f7b433ca85d19b4da9e13186
-
SHA1
a8fb4f94885081263ffb34646375883d7a0c4474
-
SHA256
d35b40868ffe8f6741899940a011d7f6b85ce7e1c1134a99b332f067a56ff579
-
SHA512
c19ffd42772e66b43cfe4d6ce58eeacd0146bb0cc54d903a330364255f952a7e9ce41eb3093b1adaacef281beedba3092c1fd71c211b2d579e937f9a05cefaa4
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAMC:b/pYayGig5HjS3NPAMC
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-08_2017dc51f7b433ca85d19b4da9e13186_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-06-08_2017dc51f7b433ca85d19b4da9e13186_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
2024-06-08_2017dc51f7b433ca85d19b4da9e13186_cryptolocker
Score
9/10
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-