Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-28_c76bfd8695c05443135fd5310898691f_cryptolocker
-
Size
50KB
-
Sample
240228-znakmsdf65
-
MD5
c76bfd8695c05443135fd5310898691f
-
SHA1
3c1430494098f5a52602169e81db563d601191e0
-
SHA256
a599b4aa7342c97a9ceb8026aa86336f3fa3b4567117076d71cca7890fd7f722
-
SHA512
b3f462864aed882a5a9cbee336b428d0a4ff917c453c79fb3892dd663aad34cc3659bf13b1461339c720119d4fc55eec0b96e1ea93c7acb291295ebb68c32a67
-
SSDEEP
768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qnUCNs:79mqyNhQMOtEvwDpjBxe8xCNs
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-28_c76bfd8695c05443135fd5310898691f_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-28_c76bfd8695c05443135fd5310898691f_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-02-28_c76bfd8695c05443135fd5310898691f_cryptolocker
-
Size
50KB
-
MD5
c76bfd8695c05443135fd5310898691f
-
SHA1
3c1430494098f5a52602169e81db563d601191e0
-
SHA256
a599b4aa7342c97a9ceb8026aa86336f3fa3b4567117076d71cca7890fd7f722
-
SHA512
b3f462864aed882a5a9cbee336b428d0a4ff917c453c79fb3892dd663aad34cc3659bf13b1461339c720119d4fc55eec0b96e1ea93c7acb291295ebb68c32a67
-
SSDEEP
768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qnUCNs:79mqyNhQMOtEvwDpjBxe8xCNs
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-