Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-28_fd760cb3834dd75ba4833357b3be9624_cryptolocker
-
Size
4.5MB
-
Sample
240228-yqefyacf29
-
MD5
fd760cb3834dd75ba4833357b3be9624
-
SHA1
f7dc45e22a083219a1d1c32808cd8a028b0a819d
-
SHA256
5f3ca0d00c8ebeb870549e2b321ac9bd9cc68acf8a569276b2c25fda459e8f28
-
SHA512
e99116b8423baec72235238f0f5700e442b59f568e0ce65e188a08502c8fcaa891e72151515bdd23e18646ee88dde916277493af80811b7cf7af14edebc71259
-
SSDEEP
98304:g/ZFIjBzldUfs/ZFIjBz7jSZD1tU7ymTU:g/ZFIjBzF/ZFIjBzPEUusU
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-28_fd760cb3834dd75ba4833357b3be9624_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-28_fd760cb3834dd75ba4833357b3be9624_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-02-28_fd760cb3834dd75ba4833357b3be9624_cryptolocker
-
Size
4.5MB
-
MD5
fd760cb3834dd75ba4833357b3be9624
-
SHA1
f7dc45e22a083219a1d1c32808cd8a028b0a819d
-
SHA256
5f3ca0d00c8ebeb870549e2b321ac9bd9cc68acf8a569276b2c25fda459e8f28
-
SHA512
e99116b8423baec72235238f0f5700e442b59f568e0ce65e188a08502c8fcaa891e72151515bdd23e18646ee88dde916277493af80811b7cf7af14edebc71259
-
SSDEEP
98304:g/ZFIjBzldUfs/ZFIjBz7jSZD1tU7ymTU:g/ZFIjBzF/ZFIjBzPEUusU
Score9/10-
Detection of CryptoLocker Variants
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-