General
Target: 2024-01-29_849dc24f4d859842fa30535c45b75606_cryptolocker
Size: 39KB
Sample: 240129-bfhpaagagj
MD5: 849dc24f4d859842fa30535c45b75606
SHA1: 3aba0351bebd68a993223c40922e5f512748d757
SHA256: 5a1eee164792e082b30ad7f323a106be3627acc432840201c61adb6e18613777
SHA512: 5ed939ac9c8f211359186201ff6420fec23b11a41d07ee9cac77367e4aee31eb42c4f5628307aa28dea3650ea3aff028eba20d1ac3c864beef646b88c0809877
SSDEEP: 768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRv:m5nkFNMOtEvwDpjG8hhXd
Static task: static1
Behavioral task: behavioral1
Sample: 2024-01-29_849dc24f4d859842fa30535c45b75606_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-29_849dc24f4d859842fa30535c45b75606_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-29_849dc24f4d859842fa30535c45b75606_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL