General
Target: 2024-02-13_179ac054b07b72bd7e40d6f94e506fed_cryptolocker
Size: 43KB
Sample: 240213-mgbg5sfe2s
MD5: 179ac054b07b72bd7e40d6f94e506fed
SHA1: 5ab2563c3a9be72d5966d013560b9a6354665db8
SHA256: fbc1f90571ab347149ed0fc82a7fcf422d66535b21262860511fee6667a749a7
SHA512: d6339238533e61f995fa73e94c22828dcb26b4cf5624ac845774cb2a15e253b69a89aaef4dd405447b3d671b916ad63210277dee8a329361c8e6d98ed6cc47c6
SSDEEP: 768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMphedj:bc/y2lkF0+Be8
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-13_179ac054b07b72bd7e40d6f94e506fed_cryptolocker.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-02-13_179ac054b07b72bd7e40d6f94e506fed_cryptolocker.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-13_179ac054b07b72bd7e40d6f94e506fed_cryptolocker
Score: 9/10

- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL