General
-
Target
2024-06-10_ffb5e536307cf11067f864e3833217db_cryptolocker
-
Size
49KB
-
Sample
240610-cwne5sag61
-
MD5
ffb5e536307cf11067f864e3833217db
-
SHA1
9bbe338b2297d33cba61a7053ff5800e31d2f2c7
-
SHA256
1438c035b7bd29cf71ae2eb3728474d47224d4baf18bc0c36e66653947860abd
-
SHA512
17bd4cf5c201b33155702bd839effefa8958c5381af8b2a535aa2650af522afe9ae9d4e7f82c6d9a0e6d7307dfd1733290cd47e75caece1d96f817d98ea8c7e6
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaRhAEFo:xj+VGMOtEvwDpjy+TRhxu
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-10_ffb5e536307cf11067f864e3833217db_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-10_ffb5e536307cf11067f864e3833217db_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-10_ffb5e536307cf11067f864e3833217db_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-