General
Target: 2024-01-24_1f9adce5e5a2d36665d4cc7f3bbd3225_cryptolocker
Size: 60KB
Sample: 240124-nk3apsghbl
MD5: 1f9adce5e5a2d36665d4cc7f3bbd3225
SHA1: 972e961b57bd4f61e142577dfd2a8a227d0cf301
SHA256: b7321d695b6f831afcfc30983c73afc8c2dcd365940623a2047cfb3b9dd3ecc7
SHA512: 58f98cc22b355fb33066fee70bd1e664b82b1ed2b480b8bacbdfdb57f8e8f29ef7697bac0c70052646821290d4c803bf7f5f35a12628fa0b78dd2ceee750e815
SSDEEP: 1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMTIC:TCjsIOtEvwDpj5HE/OUHnSMI
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-24_1f9adce5e5a2d36665d4cc7f3bbd3225_cryptolocker.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-01-24_1f9adce5e5a2d36665d4cc7f3bbd3225_cryptolocker.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-24_1f9adce5e5a2d36665d4cc7f3bbd3225_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL