General
Target: 2024-01-25_688c63508a1a98d7ad4b131251613ff4_cryptolocker
Size: 38KB
Sample: 240125-bwacvadca7
MD5: 688c63508a1a98d7ad4b131251613ff4
SHA1: f02ff2facb3f86254d29c5d9522f0a52d661cb68
SHA256: d9dbdde376caa5535945321a0b0a1dc9af082166b0165422a58c1564a4458f9f
SHA512: 39d37d3f425c3a7c1744d02de5fdda53f611e1c654afe5acb73b2884e84e213ba238c49c9c80fda021883ae3330a7c395df8a7162d13b294dbfb20f0eaf9ebfb
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpj66BLtldJQB2:i5nkFGMOtEvwDpjn/JQ8
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-25_688c63508a1a98d7ad4b131251613ff4_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-25_688c63508a1a98d7ad4b131251613ff4_cryptolocker.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 2024-01-25_688c63508a1a98d7ad4b131251613ff4_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL