Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-23_007cb19c736ee31bf0b12b96454c18a9_cryptolocker
-
Size
386KB
-
Sample
240223-x42mysfd75
-
MD5
007cb19c736ee31bf0b12b96454c18a9
-
SHA1
f66dea71f8a45f5f3a839fab1439deac8dc72a03
-
SHA256
af4c4a6f177d4e1cdbcffd0eba2589ca83c33c9745531ea57c802224a788a40a
-
SHA512
b33519cf8c49bae6ca98f2d8e1dc4551b143037a712acf176b4c404732e7ef9c4690b2b280ae6fbb69126c270793de39a36a972bae126a5f4a7fa9eefd8ef92d
-
SSDEEP
6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzX3:nnOflT/ZFIjBz3xjTxynGUOUhX3
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-23_007cb19c736ee31bf0b12b96454c18a9_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-23_007cb19c736ee31bf0b12b96454c18a9_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-23_007cb19c736ee31bf0b12b96454c18a9_cryptolocker
-
Size
386KB
-
MD5
007cb19c736ee31bf0b12b96454c18a9
-
SHA1
f66dea71f8a45f5f3a839fab1439deac8dc72a03
-
SHA256
af4c4a6f177d4e1cdbcffd0eba2589ca83c33c9745531ea57c802224a788a40a
-
SHA512
b33519cf8c49bae6ca98f2d8e1dc4551b143037a712acf176b4c404732e7ef9c4690b2b280ae6fbb69126c270793de39a36a972bae126a5f4a7fa9eefd8ef92d
-
SSDEEP
6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzX3:nnOflT/ZFIjBz3xjTxynGUOUhX3
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-