Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-25_09f23d405166656b25ec9e3bc84f3c21_cryptolocker
-
Size
58KB
-
Sample
240225-h8ksnsef85
-
MD5
09f23d405166656b25ec9e3bc84f3c21
-
SHA1
d06311bbefbbec2ba06be3b59f167a0f52cee5d6
-
SHA256
a5a03d965e5c5466d9a8da06c66c0d3d03b8d529f90d9aee2a971ded2d1a1344
-
SHA512
d261b65a58b13637186641bb0b29c8c7a1d45c30e6485870e275e370114a148e1f8b25c90978a2de4fc55e79b4b6704c53dc9e492f749b62da578dda78d9714c
-
SSDEEP
768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPt547/q6sV:V6QFElP6n+gMQMOtEvwDpjyaLccVCbHC
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-25_09f23d405166656b25ec9e3bc84f3c21_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-25_09f23d405166656b25ec9e3bc84f3c21_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-25_09f23d405166656b25ec9e3bc84f3c21_cryptolocker
-
Size
58KB
-
MD5
09f23d405166656b25ec9e3bc84f3c21
-
SHA1
d06311bbefbbec2ba06be3b59f167a0f52cee5d6
-
SHA256
a5a03d965e5c5466d9a8da06c66c0d3d03b8d529f90d9aee2a971ded2d1a1344
-
SHA512
d261b65a58b13637186641bb0b29c8c7a1d45c30e6485870e275e370114a148e1f8b25c90978a2de4fc55e79b4b6704c53dc9e492f749b62da578dda78d9714c
-
SSDEEP
768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPt547/q6sV:V6QFElP6n+gMQMOtEvwDpjyaLccVCbHC
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-