General
-
Target
2024-06-11_84068ec982fa7607d1620bc814c704e8_cryptolocker
-
Size
49KB
-
Sample
240611-sr7wzssbqr
-
MD5
84068ec982fa7607d1620bc814c704e8
-
SHA1
798964a1ed23d7fa8e71aeb3ecb8eb75358dc262
-
SHA256
1cc128ffb0b27fdba99c7050d35f1fe530c69459e3a909938ad9e628bb8db1cf
-
SHA512
348940607fa7d6d3c23220bab8963eed2b8e0e61bcb0a97f8a71a6ec56417cba44629dacfe89d57c803b42cc3852f791591b843ac56cab2b1f6162390b944221
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaN49hY:xj+VGMOtEvwDpjy+TN4LY
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-11_84068ec982fa7607d1620bc814c704e8_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-11_84068ec982fa7607d1620bc814c704e8_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-11_84068ec982fa7607d1620bc814c704e8_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-