General
Target: 2024-02-21_f3720cbe274bc3bba60c34e1329be3ac_cryptolocker
Size: 45KB
Sample: 240221-ytvx4aef9s
MD5: f3720cbe274bc3bba60c34e1329be3ac
SHA1: c837bfb4110f1b01b9ed0427df4c10d2dcedb86a
SHA256: 23d682e61ebc40cb7148d9740e3bce434c37d50e99af0dec1f0d36d1ed4feb16
SHA512: d7fb066a37877e97311aac95fde06f91ffc9ef2abbdd2f2d50144ad5e6a180edd04fe8973dd81a23fcb449e322ee5cda59e3fc8be29d40223fa57213e6731b57
SSDEEP: 768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjIm8z2iaSIO/WZrEu/d+qmsUHQ1wsJ:ZzFbxmLPWQMOtEvwDpj386Sj/WprqQ1n
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-21_f3720cbe274bc3bba60c34e1329be3ac_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-21_f3720cbe274bc3bba60c34e1329be3ac_cryptolocker.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Target: 2024-02-21_f3720cbe274bc3bba60c34e1329be3ac_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL