General
Target: 2024-02-21_4bea69608e676ccdd5d750640a5a62df_cryptolocker
Size: 55KB
Sample: 240221-1bvkqafe5y
MD5: 4bea69608e676ccdd5d750640a5a62df
SHA1: edb95331af4774c1b1331ba6bd7992b8a8c2b750
SHA256: f98a231b2e8b376424c7a407faf380e16991300e8d383b6170ae3ad1bf22005b
SHA512: d1740a30453b6c12bdf489e2aba0bdee957232552b0eb803b9dee49792d0e2010a413b2933e2c9d230f1baa248721b75a4030940d7d2f98ffbe50b06c7be14bd
SSDEEP: 768:79inqyNR/QtOOtEvwDpjBK/iVTab3GRuv3VylSV/Cd9z3F:79mqyNhQMOtEvwDpjBPY7xv3g8SZ
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-21_4bea69608e676ccdd5d750640a5a62df_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-21_4bea69608e676ccdd5d750640a5a62df_cryptolocker.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL