Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-14_4667fcf3c31463ba8fed757cbbee9634_cryptolocker
-
Size
32KB
-
Sample
240214-eash3shc92
-
MD5
4667fcf3c31463ba8fed757cbbee9634
-
SHA1
8f70cb16c20a217449f305afd5da281f2c2f32ef
-
SHA256
56b5225093bbafdf93362003e6fff2e185da275fc1ec605e2f13344721f6ed03
-
SHA512
f16cd7d0aaa9698c12f4e741c65770c94c55a1aaecde81d9ac04a2cb0632de3e4d8d1f55972e7a93caf92a059b4619f3ecd461a451d89589d7aa512374ab8acb
-
SSDEEP
384:bmM0V/YPvnr801TRoUGPh4TKt6ATt1DqgPa3s/zzoCt9/B1RwFtzxt+:b7o/2n1TCraU6GD1a4Xt9bRwrb+
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-14_4667fcf3c31463ba8fed757cbbee9634_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-14_4667fcf3c31463ba8fed757cbbee9634_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2024-02-14_4667fcf3c31463ba8fed757cbbee9634_cryptolocker
-
Size
32KB
-
MD5
4667fcf3c31463ba8fed757cbbee9634
-
SHA1
8f70cb16c20a217449f305afd5da281f2c2f32ef
-
SHA256
56b5225093bbafdf93362003e6fff2e185da275fc1ec605e2f13344721f6ed03
-
SHA512
f16cd7d0aaa9698c12f4e741c65770c94c55a1aaecde81d9ac04a2cb0632de3e4d8d1f55972e7a93caf92a059b4619f3ecd461a451d89589d7aa512374ab8acb
-
SSDEEP
384:bmM0V/YPvnr801TRoUGPh4TKt6ATt1DqgPa3s/zzoCt9/B1RwFtzxt+:b7o/2n1TCraU6GD1a4Xt9bRwrb+
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-