General
-
Target
2024-06-08_5f5ab8ddd21a0aeb22c704af853c3088_cryptolocker
-
Size
60KB
-
Sample
240608-zcsbbagf32
-
MD5
5f5ab8ddd21a0aeb22c704af853c3088
-
SHA1
d1e82517af653825427a5564a21f7fe5a974c4d1
-
SHA256
377c10a1faa863d497d22054b3a348c0cac09c97825f721e894c6efb9e76bfab
-
SHA512
2b590d73beb6591ea279f3b2abf22a844201877d51213f0936e61b40db86469fea7de9ea71eb4c7a226c228fd5bcf481a3f3c48958625b43fd7d6195d89e8d56
-
SSDEEP
768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPj5:H6QFElP6n+gou9cvMOtEvwDpjCpVX8
Behavioral task
behavioral1
Sample
2024-06-08_5f5ab8ddd21a0aeb22c704af853c3088_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-06-08_5f5ab8ddd21a0aeb22c704af853c3088_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-06-08_5f5ab8ddd21a0aeb22c704af853c3088_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-