General
-
Target
2024-06-15_205d32ee2f1a849f4539f2ed0347681f_cryptolocker
-
Size
86KB
-
Sample
240615-sstqrayhkm
-
MD5
205d32ee2f1a849f4539f2ed0347681f
-
SHA1
4768b547e781f80ffb86852b1e0bc6d97b880792
-
SHA256
dfa9fc35cb1003b85805c0187b7d1e80aa80cb1ae9c454d4be79bf08055251c6
-
SHA512
835b4fbf03bc800941290547d1657a3bd3d3ccb1a4c926f52921683479930d7f7498bd0606e8899df8dfe349f0ab6ac25e6c02e81b9d2fe10d899fc50fa6d168
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1kyJS1a:zCsanOtEvwDpjk
Malware Config
Targets
-
-
Target
2024-06-15_205d32ee2f1a849f4539f2ed0347681f_cryptolocker
-
Size
86KB
-
MD5
205d32ee2f1a849f4539f2ed0347681f
-
SHA1
4768b547e781f80ffb86852b1e0bc6d97b880792
-
SHA256
dfa9fc35cb1003b85805c0187b7d1e80aa80cb1ae9c454d4be79bf08055251c6
-
SHA512
835b4fbf03bc800941290547d1657a3bd3d3ccb1a4c926f52921683479930d7f7498bd0606e8899df8dfe349f0ab6ac25e6c02e81b9d2fe10d899fc50fa6d168
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1kyJS1a:zCsanOtEvwDpjk
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-