General
Target: 2024-01-18_893fa598a5f490dc78a98d3a605c1a2d_cryptolocker
Size: 59KB
Sample: 240118-2z89fsdhej
MD5: 893fa598a5f490dc78a98d3a605c1a2d
SHA1: 28883b521b85a77623a2d3a25c62c1596f0e45f7
SHA256: 2efa9805e3d13ed2967bf0cba7a3072d0d7eb64b0e7c858b47140df5362dc959
SHA512: fbc9dd825ae55098339f657099c7dd39247f10c32176bcf8157c942f19e64a3993c9094c6509261f7f1285aace5ebe58bf4fa11836e6f7b21775caa6ab9a0bdb
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwDJ:xj+VGMOtEvwDpjubEgywV
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-18_893fa598a5f490dc78a98d3a605c1a2d_cryptolocker.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-01-18_893fa598a5f490dc78a98d3a605c1a2d_cryptolocker.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-18_893fa598a5f490dc78a98d3a605c1a2d_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL