Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-28_449a114f8b7257cd1e6c199b89749820_cryptolocker
-
Size
83KB
-
Sample
240228-t5vdgsge66
-
MD5
449a114f8b7257cd1e6c199b89749820
-
SHA1
9cfe638231d30acc771de6501dab20bd01dd0bb5
-
SHA256
a62e10ba48930ba338e5b47dfec4dbfc61c577fb0013e05ebe6e842d93e86978
-
SHA512
ec88a09dcbee53438cfe425f6ba1d2392c1dae9ace4514eb92003fd97d633ed5baa843429a4d2024ac318a06986d2ca4a85a188e038f3d0b6985d43156f51e6d
-
SSDEEP
1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMAe59:TCjsIOtEvwDpj5HE/OUHnSMF
Malware Config
Targets
-
-
Target
2024-02-28_449a114f8b7257cd1e6c199b89749820_cryptolocker
-
Size
83KB
-
MD5
449a114f8b7257cd1e6c199b89749820
-
SHA1
9cfe638231d30acc771de6501dab20bd01dd0bb5
-
SHA256
a62e10ba48930ba338e5b47dfec4dbfc61c577fb0013e05ebe6e842d93e86978
-
SHA512
ec88a09dcbee53438cfe425f6ba1d2392c1dae9ace4514eb92003fd97d633ed5baa843429a4d2024ac318a06986d2ca4a85a188e038f3d0b6985d43156f51e6d
-
SSDEEP
1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMAe59:TCjsIOtEvwDpj5HE/OUHnSMF
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-