Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-26_c05c19b2560394cce4d41e33dc78fee5_cryptolocker
-
Size
30KB
-
Sample
240126-a1zb4aaff8
-
MD5
c05c19b2560394cce4d41e33dc78fee5
-
SHA1
fb0b48b1c3b6eff54ebf00ddf2512cab4a9f6ed7
-
SHA256
ed44f394d8e94aafd5549e8d21ae6ceeece949a82688c0dc02d732615de87f47
-
SHA512
57e8242a1dbca305cb2bb4080f62ddbc50196793db63e1a6855402250f6ae1a9263725418de3a0d1ce2c74caa226bea8135b48117777ed7bc2cf669e6f1f397d
-
SSDEEP
384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunIyNl:bA74zYcgT/Ekd0ryfjPIunt/
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-26_c05c19b2560394cce4d41e33dc78fee5_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-26_c05c19b2560394cce4d41e33dc78fee5_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2024-01-26_c05c19b2560394cce4d41e33dc78fee5_cryptolocker
-
Size
30KB
-
MD5
c05c19b2560394cce4d41e33dc78fee5
-
SHA1
fb0b48b1c3b6eff54ebf00ddf2512cab4a9f6ed7
-
SHA256
ed44f394d8e94aafd5549e8d21ae6ceeece949a82688c0dc02d732615de87f47
-
SHA512
57e8242a1dbca305cb2bb4080f62ddbc50196793db63e1a6855402250f6ae1a9263725418de3a0d1ce2c74caa226bea8135b48117777ed7bc2cf669e6f1f397d
-
SSDEEP
384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunIyNl:bA74zYcgT/Ekd0ryfjPIunt/
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-