General
Target: 2024-02-19_90c46e4ecdcdab2e48a779093a88108a_cryptolocker
Size: 47KB
Sample: 240219-kmsmhabg47
MD5: 90c46e4ecdcdab2e48a779093a88108a
SHA1: be202dfc362e745abc2c969c8f08c64bc201a99f
SHA256: 9fe2ce5f878c0f08db8a11f62c5b78bdcd0dfc6b418ac7923b8b5390157fa790
SHA512: 295aa93201899bdcefc412d2b29dd40b229ad608c57314f01917994dd86e8ded9f5d0ec22e1264dc289cfe960251e4dedf29bee2170a4ee0ce9a09ed6604eb05
SSDEEP: 384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/3lQIqX:XS5nQJ24LR1bytOOtEvwDpjNbP/3l/m
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-19_90c46e4ecdcdab2e48a779093a88108a_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-19_90c46e4ecdcdab2e48a779093a88108a_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-19_90c46e4ecdcdab2e48a779093a88108a_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL