Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-04_7af809d0746d698093e820a1d7a79449_cryptolocker
-
Size
41KB
-
Sample
240204-b4w7ksefa2
-
MD5
7af809d0746d698093e820a1d7a79449
-
SHA1
87b642207feee28831dca098c027b2a29e937088
-
SHA256
21722edb67a6233676f716930b03dae0f8647a78d839c297eadd24738913a847
-
SHA512
e8a6855760c744fd66eff58793156f470ec501b562d9656cd2070d315ae1103c9ce26b68c34fd05854a36af90f5067aaa4ad85825fe92ddafeef56b247cd967a
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAaV:b/pYayGig5HjS3NPAu
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-04_7af809d0746d698093e820a1d7a79449_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-04_7af809d0746d698093e820a1d7a79449_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-04_7af809d0746d698093e820a1d7a79449_cryptolocker
-
Size
41KB
-
MD5
7af809d0746d698093e820a1d7a79449
-
SHA1
87b642207feee28831dca098c027b2a29e937088
-
SHA256
21722edb67a6233676f716930b03dae0f8647a78d839c297eadd24738913a847
-
SHA512
e8a6855760c744fd66eff58793156f470ec501b562d9656cd2070d315ae1103c9ce26b68c34fd05854a36af90f5067aaa4ad85825fe92ddafeef56b247cd967a
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAaV:b/pYayGig5HjS3NPAu
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-