Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-11_8db0f9143cfabf24e6e54c6fb320d07b_cryptolocker
-
Size
29KB
-
Sample
240211-zdcl9abc9z
-
MD5
8db0f9143cfabf24e6e54c6fb320d07b
-
SHA1
e9c1f68ff5a880f9fd7b01d6940358fecf262af9
-
SHA256
f2d7dae376f8b50969ace151ddf7a9c7485062524315e22a362ab65125adb362
-
SHA512
7a23b277c10ac59506fe27893f7fb6ec5383d8683d73f5db6f8648d76f3ec22726c4ccd1faf57ffe5fd35f23086d9233d623f15f710a3b622587e6823e85288e
-
SSDEEP
384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJ5S+zr:bA74zYcgT/Ekd0ryfjQRSnrf
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-11_8db0f9143cfabf24e6e54c6fb320d07b_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-11_8db0f9143cfabf24e6e54c6fb320d07b_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-11_8db0f9143cfabf24e6e54c6fb320d07b_cryptolocker
-
Size
29KB
-
MD5
8db0f9143cfabf24e6e54c6fb320d07b
-
SHA1
e9c1f68ff5a880f9fd7b01d6940358fecf262af9
-
SHA256
f2d7dae376f8b50969ace151ddf7a9c7485062524315e22a362ab65125adb362
-
SHA512
7a23b277c10ac59506fe27893f7fb6ec5383d8683d73f5db6f8648d76f3ec22726c4ccd1faf57ffe5fd35f23086d9233d623f15f710a3b622587e6823e85288e
-
SSDEEP
384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJ5S+zr:bA74zYcgT/Ekd0ryfjQRSnrf
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-