Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker
-
Size
39KB
-
Sample
240221-d13ajaaf4y
-
MD5
db01fa163a477b7a6af4b05eb5249ffc
-
SHA1
3d3bf36d35b0fe72bb446fded53800688acfa509
-
SHA256
c6d21ca698324630d60737598ec2838b7fb8aa5fdcb3623224577cd9fbdf2729
-
SHA512
782874ca39676d901067acfb37ec6a60858a57faedf3af3b8b0ece485fb7c09a27c60167b4e255f1d5b534ba69b3e233a3a1434304527dc919e162f8aa3d30f1
-
SSDEEP
768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yLFka:bAvJCF+RQgJeab4sy/a3
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker
-
Size
39KB
-
MD5
db01fa163a477b7a6af4b05eb5249ffc
-
SHA1
3d3bf36d35b0fe72bb446fded53800688acfa509
-
SHA256
c6d21ca698324630d60737598ec2838b7fb8aa5fdcb3623224577cd9fbdf2729
-
SHA512
782874ca39676d901067acfb37ec6a60858a57faedf3af3b8b0ece485fb7c09a27c60167b4e255f1d5b534ba69b3e233a3a1434304527dc919e162f8aa3d30f1
-
SSDEEP
768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yLFka:bAvJCF+RQgJeab4sy/a3
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-