General
Target: 2024-02-14_e4755763dffe2e992ecbf7ddd7fb025a_cryptolocker
Size: 55KB
Sample: 240214-j6sk6sde4z
MD5: e4755763dffe2e992ecbf7ddd7fb025a
SHA1: aa4a503731a3dd336f5d32e201770638ae9ca729
SHA256: cc1e38c215cd308e6e713d1ad7d68da1761219999abb6d7347d7249cd6433367
SHA512: b931198bd7df48bb75817dbc14f5f4a33a358dd6eb1f083309b86f612450ef26f8d9a109817b7c60311ee9f43dfc639c17905144804f49a775220bcd7ea183e4
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7Wwfep:6j+1NMOtEvwDpjr8oxEqp
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-14_e4755763dffe2e992ecbf7ddd7fb025a_cryptolocker.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-02-14_e4755763dffe2e992ecbf7ddd7fb025a_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-14_e4755763dffe2e992ecbf7ddd7fb025a_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL