Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-24_b2f6fec7d58be957357392545611fe7a_cryptolocker
-
Size
43KB
-
Sample
240224-qznrzaea7w
-
MD5
b2f6fec7d58be957357392545611fe7a
-
SHA1
26cce53fae44112a4ca0508291d25ed8ef3a59d6
-
SHA256
64e58e36446046a0042841f6ebec5ac6d9c4a7d568195803106e0fde24242658
-
SHA512
a5ecc88b0bc99cf46964c065ea0ac017962dab081d92f5d9b0d1c0a5f5bd306824cf3c5186b196313c3764fa8e4da194d8ddac90e63b4209e11f8c3fcd0cb434
-
SSDEEP
768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFp1Yvb9S3:bxNrC7kYo1Fxf3s05rwxbF7YvbU3
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-24_b2f6fec7d58be957357392545611fe7a_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-24_b2f6fec7d58be957357392545611fe7a_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-24_b2f6fec7d58be957357392545611fe7a_cryptolocker
-
Size
43KB
-
MD5
b2f6fec7d58be957357392545611fe7a
-
SHA1
26cce53fae44112a4ca0508291d25ed8ef3a59d6
-
SHA256
64e58e36446046a0042841f6ebec5ac6d9c4a7d568195803106e0fde24242658
-
SHA512
a5ecc88b0bc99cf46964c065ea0ac017962dab081d92f5d9b0d1c0a5f5bd306824cf3c5186b196313c3764fa8e4da194d8ddac90e63b4209e11f8c3fcd0cb434
-
SSDEEP
768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFp1Yvb9S3:bxNrC7kYo1Fxf3s05rwxbF7YvbU3
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-