Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-24_45c9b79117356c766e6508df36547f13_cryptolocker
-
Size
40KB
-
Sample
240224-e87ewsac5w
-
MD5
45c9b79117356c766e6508df36547f13
-
SHA1
746a50fba6ff8c79fd5c1eabed2a3a8df0c9a86c
-
SHA256
bdb5bae9af8e50f6f9961c44ec809abcdeb7321474be4a29dd7cc382ccb0a665
-
SHA512
03b09ded66c0369e7b290690333a51b0dbd250c4814775195943a0acc8270e76d87131482dc74ad7bad2f09b65302dc234c1886df1690f889a619aa797d6cce7
-
SSDEEP
768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6Dy8POKc:bIDOw9a0Dwo3P1ojvUSDhK
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-24_45c9b79117356c766e6508df36547f13_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-24_45c9b79117356c766e6508df36547f13_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-24_45c9b79117356c766e6508df36547f13_cryptolocker
-
Size
40KB
-
MD5
45c9b79117356c766e6508df36547f13
-
SHA1
746a50fba6ff8c79fd5c1eabed2a3a8df0c9a86c
-
SHA256
bdb5bae9af8e50f6f9961c44ec809abcdeb7321474be4a29dd7cc382ccb0a665
-
SHA512
03b09ded66c0369e7b290690333a51b0dbd250c4814775195943a0acc8270e76d87131482dc74ad7bad2f09b65302dc234c1886df1690f889a619aa797d6cce7
-
SSDEEP
768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6Dy8POKc:bIDOw9a0Dwo3P1ojvUSDhK
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-