General
Target: 2024-02-28_003bfa6663ccb47b6fc9ec49675f5b95_cryptolocker
Size: 40KB
Sample: 240228-nhpltsac72
MD5: 003bfa6663ccb47b6fc9ec49675f5b95
SHA1: 85cbc3048845686eb3892dbff9710656fe22518f
SHA256: d3f04128bef536c4bcf89a0d728e97435fe0305fb854b048fbe825702fd989e0
SHA512: 60e56b975c21e2537393a937e305963c73ed2c072e99bdaeeb69c2d7e2740437a229b7466d02d4645590999323641f34384382062b45ccf72d10b9c608fe57e1
SSDEEP: 768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnHG:m5nkFNMOtEvwDpjG8hgpHG
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-28_003bfa6663ccb47b6fc9ec49675f5b95_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-02-28_003bfa6663ccb47b6fc9ec49675f5b95_cryptolocker.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-02-28_003bfa6663ccb47b6fc9ec49675f5b95_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL