Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-24_5ea077ad13a1d4960507e34d132a1f4b_cryptolocker
-
Size
96KB
-
Sample
240124-jeg1cscham
-
MD5
5ea077ad13a1d4960507e34d132a1f4b
-
SHA1
29a4b462dc3b2ff615e65aceed16b17518621c2e
-
SHA256
68177901c0fd1ea1e9891a8b82b59c5c742bdd0474da09d909bbce1340f028eb
-
SHA512
f0eac74463d946980491dba798a41b78e8ce3354830867a4704a1b2624ee8928076e63266c56988237a7e4ed6db0235f35e045d1c8c2026467e63201e7d22122
-
SSDEEP
1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNCJ/:26a+2OtEvwDpjtzm
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-24_5ea077ad13a1d4960507e34d132a1f4b_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-24_5ea077ad13a1d4960507e34d132a1f4b_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2024-01-24_5ea077ad13a1d4960507e34d132a1f4b_cryptolocker
-
Size
96KB
-
MD5
5ea077ad13a1d4960507e34d132a1f4b
-
SHA1
29a4b462dc3b2ff615e65aceed16b17518621c2e
-
SHA256
68177901c0fd1ea1e9891a8b82b59c5c742bdd0474da09d909bbce1340f028eb
-
SHA512
f0eac74463d946980491dba798a41b78e8ce3354830867a4704a1b2624ee8928076e63266c56988237a7e4ed6db0235f35e045d1c8c2026467e63201e7d22122
-
SSDEEP
1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNCJ/:26a+2OtEvwDpjtzm
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-