General
-
Target
2024-02-28_5d63679b72c6e0fd1ef3266ba8bbb148_cryptolocker
-
Size
85KB
-
Sample
240228-jlajvsef59
-
MD5
5d63679b72c6e0fd1ef3266ba8bbb148
-
SHA1
46ec4cb73bef854d0cd825fc00195b2bf0f54526
-
SHA256
04351e92908d4c2e25b3938e86be309bed42f841ecf5de4e3e41411aafc45203
-
SHA512
28e4c50d1a54513e271e7503f9e25a2c68284e68dec048ef44c36dd1a69f837c72b25679f2f9d275ad99acb5930c42b4e5a13a771456ee684dfe3c7247bf854d
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvP23:i5nkFGMOtEvwDpjNbwQEI8UtzNcO88
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-28_5d63679b72c6e0fd1ef3266ba8bbb148_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-28_5d63679b72c6e0fd1ef3266ba8bbb148_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-02-28_5d63679b72c6e0fd1ef3266ba8bbb148_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-