Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-22_ab8478168620e2c11c5b7675badb5ffe_cryptolocker
-
Size
47KB
-
Sample
240122-sy6mhaadh9
-
MD5
ab8478168620e2c11c5b7675badb5ffe
-
SHA1
252cf8da2ada7ea64fd8f52d7fdf0151b6ead9ff
-
SHA256
2e38090be6e80f03940b4934441e11b3d832c6ab2a3c6bde1d7985bd20d199f6
-
SHA512
f5deb7d833418ad2763c49ffb2c6d36ef5aebeb331fa48e01124e18b0857fb06396787cab3acfdea91f84e039fa8a4ee4d67ae147cffa86e66d0bfff2983a238
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldfHWPO:xj+VGMOtEvwDpjk/fHYO
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-22_ab8478168620e2c11c5b7675badb5ffe_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-22_ab8478168620e2c11c5b7675badb5ffe_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2024-01-22_ab8478168620e2c11c5b7675badb5ffe_cryptolocker
-
Size
47KB
-
MD5
ab8478168620e2c11c5b7675badb5ffe
-
SHA1
252cf8da2ada7ea64fd8f52d7fdf0151b6ead9ff
-
SHA256
2e38090be6e80f03940b4934441e11b3d832c6ab2a3c6bde1d7985bd20d199f6
-
SHA512
f5deb7d833418ad2763c49ffb2c6d36ef5aebeb331fa48e01124e18b0857fb06396787cab3acfdea91f84e039fa8a4ee4d67ae147cffa86e66d0bfff2983a238
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldfHWPO:xj+VGMOtEvwDpjk/fHYO
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-