General
Target: 2024-02-28_5798129b90867e8beb3fd7f908119045_cryptolocker
Size: 40KB
Sample: 240228-c4rgrshd75
MD5: 5798129b90867e8beb3fd7f908119045
SHA1: 2a9cfce4c4685a7ffed148a18e008779cbc35697
SHA256: 4b52d1e7bc56361d89ca1519cd507c0fd0dc9c3d5325e373c2a460f4e53241b7
SHA512: 1ca113366975c33b55090bdaa980ab4fdb2efa5fa8b592d2c436290e35da1fd64fdc5783e66f6bb33046fa8845bf2e15f357702f76adbf933d2faf10e46fa5e9
SSDEEP: 768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnISct/:m5nkFNMOtEvwDpjG8hgp+
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-28_5798129b90867e8beb3fd7f908119045_cryptolocker.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-02-28_5798129b90867e8beb3fd7f908119045_cryptolocker.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL