General
-
Target
2024-02-20_d05fe3dcb148a732b38267c309e418fc_cryptolocker
-
Size
39KB
-
Sample
240220-gxpf2sce9t
-
MD5
d05fe3dcb148a732b38267c309e418fc
-
SHA1
2cbbc7e780b5320407462f380a266502a27418f8
-
SHA256
755b3771e0df80b3cfcfaf5ead599384285c5e1b37ec67fad138de3b1592b9df
-
SHA512
820a6a5c475392173073faacfb72e90c7c20851ef9429dc0f8c343b7f8acce9395b050168a2ebc915849a89dc0d0a5c268987a99e34689442327a58598455a45
-
SSDEEP
768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRY+V:m5nkFNMOtEvwDpjG8hhXy+V
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-20_d05fe3dcb148a732b38267c309e418fc_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-20_d05fe3dcb148a732b38267c309e418fc_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-02-20_d05fe3dcb148a732b38267c309e418fc_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-