General
-
Target
2024-06-13_829c9e58f0def0f6c943e98e45d3ad62_cryptolocker
-
Size
44KB
-
Sample
240613-a2wycsxemh
-
MD5
829c9e58f0def0f6c943e98e45d3ad62
-
SHA1
1d3ae58b53225f356213aaba864567044454ff3e
-
SHA256
f70ae723217841c1ce5993b1efe0e8dc5d6b1b0198801f7e29ea879eb65c981c
-
SHA512
0a1a04922eeb232f3187be89918f02b3b68d6953d80c03720dfa133bc5a8fad3b963aee9c3e4f9e31d9be4ee692c97f701d0cef8051d95259538e09829b50bd1
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/agqEy:6j+1NMOtEvwDpjrRtqn
Malware Config
Targets
-
-
Target
2024-06-13_829c9e58f0def0f6c943e98e45d3ad62_cryptolocker
-
Size
44KB
-
MD5
829c9e58f0def0f6c943e98e45d3ad62
-
SHA1
1d3ae58b53225f356213aaba864567044454ff3e
-
SHA256
f70ae723217841c1ce5993b1efe0e8dc5d6b1b0198801f7e29ea879eb65c981c
-
SHA512
0a1a04922eeb232f3187be89918f02b3b68d6953d80c03720dfa133bc5a8fad3b963aee9c3e4f9e31d9be4ee692c97f701d0cef8051d95259538e09829b50bd1
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/agqEy:6j+1NMOtEvwDpjrRtqn
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-