Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-14_f331859cce4bd56fc23897b8b1e95a15_cryptolocker
-
Size
34KB
-
Sample
240214-wdcepsaa88
-
MD5
f331859cce4bd56fc23897b8b1e95a15
-
SHA1
1d08c7ef3735c00b0b7866bbdc259bcb6d84e234
-
SHA256
fada77eb3c4f65294018fa1c0e3b13393a1d99f5b5fe152e541f961c8cbd23a6
-
SHA512
136918033c850379ecc40f275829fad6703296e9126b463cf80f9a178fd6a795f5214c16ce7697b81798485eb59c3b084a1ae4164f73a657c2337deb2202ba59
-
SSDEEP
384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunexRlSrxVh:bA74zYcgT/Ekd0ryfjPIunYwj
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-14_f331859cce4bd56fc23897b8b1e95a15_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-14_f331859cce4bd56fc23897b8b1e95a15_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-14_f331859cce4bd56fc23897b8b1e95a15_cryptolocker
-
Size
34KB
-
MD5
f331859cce4bd56fc23897b8b1e95a15
-
SHA1
1d08c7ef3735c00b0b7866bbdc259bcb6d84e234
-
SHA256
fada77eb3c4f65294018fa1c0e3b13393a1d99f5b5fe152e541f961c8cbd23a6
-
SHA512
136918033c850379ecc40f275829fad6703296e9126b463cf80f9a178fd6a795f5214c16ce7697b81798485eb59c3b084a1ae4164f73a657c2337deb2202ba59
-
SSDEEP
384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunexRlSrxVh:bA74zYcgT/Ekd0ryfjPIunYwj
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-