General
Target: 2024-02-18_bb6b5e7eabff83e9db9503d8094e96b4_cryptolocker
Size: 81KB
Sample: 240218-hk8vlafe48
MD5: bb6b5e7eabff83e9db9503d8094e96b4
SHA1: 159d572023fb0aa50369344873bb754d2477a56c
SHA256: fd7e24833aa54709cf601284946717a49df9e5de822fa7bb56ad156ab748437c
SHA512: ebd1cc90f4411159f7c90c9bb75c061a2f24607f1a2d929a677aaedd855da1ac9b7060e1cee1e945378ca2f36e08612b630ce0b620e401171de047fe1e1b6a4b
SSDEEP: 1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMAeR2:TCjsIOtEvwDpj5HE/OUHnSM2
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-18_bb6b5e7eabff83e9db9503d8094e96b4_cryptolocker.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-02-18_bb6b5e7eabff83e9db9503d8094e96b4_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-18_bb6b5e7eabff83e9db9503d8094e96b4_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL