General
Target: 2024-02-03_018ea4d649a9832ba28c440ca7d9a3f3_cryptolocker
Size: 38KB
Sample: 240203-wzb13ahggp
MD5: 018ea4d649a9832ba28c440ca7d9a3f3
SHA1: a8a88f98da29629102bd4614e77e40321c513b51
SHA256: 1d023d7f4fb25ffcb7249d44ce7f57ac812e1bb71ad7ce4f772d5f4dc399e197
SHA512: dd3b0943bd3994410f3667e8cd4cdbdae091905f9922209500bbd89bb178c2c1df3bd33ba5d161de50616dce85e2c47eb9c81fba8873f1b4ecbfbfe947e24e61
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/ysz1:i5nkFGMOtEvwDpjR+viDz1
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-03_018ea4d649a9832ba28c440ca7d9a3f3_cryptolocker.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2024-02-03_018ea4d649a9832ba28c440ca7d9a3f3_cryptolocker.exe
  Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 2024-02-03_018ea4d649a9832ba28c440ca7d9a3f3_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL