Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-28_7b618fe40e5a5a4970d47d96e97e06c1_cryptolocker
-
Size
104KB
-
Sample
240128-za6e6abbej
-
MD5
7b618fe40e5a5a4970d47d96e97e06c1
-
SHA1
ab2fd5a4868c6fab70a90eb91ae50317de2a57fb
-
SHA256
c69b5379d3b9aa80fe171060f03d36bbc7feeb03358e1a3cd4474061fb3c3d86
-
SHA512
11c2b1687c3515428cd04b130277f3dbbe8489d7c29fdf378131d2454747b9d4547005169977ab366c9d62f6ce66b664794f99cef9997d8e7c9584656c357f9e
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWjy9g:xj+VGMOtEvwDpjubwQEIikug
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-28_7b618fe40e5a5a4970d47d96e97e06c1_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-28_7b618fe40e5a5a4970d47d96e97e06c1_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-28_7b618fe40e5a5a4970d47d96e97e06c1_cryptolocker
-
Size
104KB
-
MD5
7b618fe40e5a5a4970d47d96e97e06c1
-
SHA1
ab2fd5a4868c6fab70a90eb91ae50317de2a57fb
-
SHA256
c69b5379d3b9aa80fe171060f03d36bbc7feeb03358e1a3cd4474061fb3c3d86
-
SHA512
11c2b1687c3515428cd04b130277f3dbbe8489d7c29fdf378131d2454747b9d4547005169977ab366c9d62f6ce66b664794f99cef9997d8e7c9584656c357f9e
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWjy9g:xj+VGMOtEvwDpjubwQEIikug
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-