General
Target: 2024-02-28_eaaf13324f6fa44584bf34aa45382679_cryptolocker
Size: 48KB
Sample: 240228-zq4lhadg76
MD5: eaaf13324f6fa44584bf34aa45382679
SHA1: 633aa27373fb2bb949641af7c4f15b3354d93882
SHA256: 739e7b7f6b2d87c60b4bc132c0d562191dd2d2c808a37bf65cfcaf4f17458dcc
SHA512: 12c9fa2b4dd0014faf087ee4070980d34ceec9154bb51a769f3ab678081e8962c8c0df24aebeef4936bd3cfd441cd0590da14548f57bf78065e00b6e2f0c0b78
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLbjG9RzhwaNm:xj+VGMOtEvwDpjy+TQ
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-02-28_eaaf13324f6fa44584bf34aa45382679_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-02-28_eaaf13324f6fa44584bf34aa45382679_cryptolocker.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-02-28_eaaf13324f6fa44584bf34aa45382679_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL