Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-01_b68f241c61298a7ead3873ea68d820a6_cryptolocker
-
Size
41KB
-
Sample
240201-2dgmbahfhk
-
MD5
b68f241c61298a7ead3873ea68d820a6
-
SHA1
90ee50db9514f391da4a4589384d25b18a80c872
-
SHA256
ddb45322e2830c24582e0a68c77f616ff0f32aa1099a9ffb58897010618e46bd
-
SHA512
ca5cce9d7f34b3173f1c34e77b816cc6778e636d654de4c60583ea97f38df9fab952540189d16d574c9bb7b55e507c0fe0a3382f9afe3212ca2898744360532f
-
SSDEEP
384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf0w3sp8u5co9+slNWd:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+si
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-01_b68f241c61298a7ead3873ea68d820a6_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-01_b68f241c61298a7ead3873ea68d820a6_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-01_b68f241c61298a7ead3873ea68d820a6_cryptolocker
-
Size
41KB
-
MD5
b68f241c61298a7ead3873ea68d820a6
-
SHA1
90ee50db9514f391da4a4589384d25b18a80c872
-
SHA256
ddb45322e2830c24582e0a68c77f616ff0f32aa1099a9ffb58897010618e46bd
-
SHA512
ca5cce9d7f34b3173f1c34e77b816cc6778e636d654de4c60583ea97f38df9fab952540189d16d574c9bb7b55e507c0fe0a3382f9afe3212ca2898744360532f
-
SSDEEP
384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf0w3sp8u5co9+slNWd:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+si
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-