General
-
Target
2024-06-15_1805062b6ef7061556aa3ee00445ae8b_cryptolocker
-
Size
64KB
-
Sample
240615-r26w1atgnh
-
MD5
1805062b6ef7061556aa3ee00445ae8b
-
SHA1
5a2cd1dd1833392cf29bf93c4bb480d5c8823e78
-
SHA256
9d4d7bcf9b01778baea58bd0e8af8ee95d24920029f8cc1bb7acdac253b077ec
-
SHA512
8b1b7cc6a5ec0fa1ec84d7a8144a78f15d60bafd50d1017ee1200559b5501ef7c9972b5da3af0957c42bd7147a0ff499b8f0dfe69ff7347ca64b67a406df3664
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsi/J:BbdDmjr+OtEvwDpjM8Q
Malware Config
Targets
-
-
Target
2024-06-15_1805062b6ef7061556aa3ee00445ae8b_cryptolocker
-
Size
64KB
-
MD5
1805062b6ef7061556aa3ee00445ae8b
-
SHA1
5a2cd1dd1833392cf29bf93c4bb480d5c8823e78
-
SHA256
9d4d7bcf9b01778baea58bd0e8af8ee95d24920029f8cc1bb7acdac253b077ec
-
SHA512
8b1b7cc6a5ec0fa1ec84d7a8144a78f15d60bafd50d1017ee1200559b5501ef7c9972b5da3af0957c42bd7147a0ff499b8f0dfe69ff7347ca64b67a406df3664
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsi/J:BbdDmjr+OtEvwDpjM8Q
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-