Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-25_98d578b509c4f52c4f3ad4ad08a16844_cryptolocker
-
Size
64KB
-
Sample
240225-pzch9sbg55
-
MD5
98d578b509c4f52c4f3ad4ad08a16844
-
SHA1
b433bd1b1a433b2b7e8edb3eef73c03bb15c5229
-
SHA256
865d38d6b8582a9f2c8bf5b27c75ab9404f6c212c443751ef0a37d1668275258
-
SHA512
eca9ceea04673a0b1062c1cdaaacb13fc2fee5b6fe024eb89ef01094ab8a1a35d9404d25d3c2b214c5669e678162aebd9fc14b0f3484e6b9132904192a576d35
-
SSDEEP
1536:vj+jsMQMOtEvwDpj5HyCyh7vtRJ4BqKb1knzhvdYE:vCjsIOtEvwDpj5Hv03
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-25_98d578b509c4f52c4f3ad4ad08a16844_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-02-25_98d578b509c4f52c4f3ad4ad08a16844_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-25_98d578b509c4f52c4f3ad4ad08a16844_cryptolocker
-
Size
64KB
-
MD5
98d578b509c4f52c4f3ad4ad08a16844
-
SHA1
b433bd1b1a433b2b7e8edb3eef73c03bb15c5229
-
SHA256
865d38d6b8582a9f2c8bf5b27c75ab9404f6c212c443751ef0a37d1668275258
-
SHA512
eca9ceea04673a0b1062c1cdaaacb13fc2fee5b6fe024eb89ef01094ab8a1a35d9404d25d3c2b214c5669e678162aebd9fc14b0f3484e6b9132904192a576d35
-
SSDEEP
1536:vj+jsMQMOtEvwDpj5HyCyh7vtRJ4BqKb1knzhvdYE:vCjsIOtEvwDpj5Hv03
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-