General
Target: 2024-02-29_202bfa72d33be21e18e2ef6d58937417_cryptolocker
Size: 122KB
Sample: 240229-e7lrssdd2t
MD5: 202bfa72d33be21e18e2ef6d58937417
SHA1: 08d0ff975a1f027776166980ab6db5666a4fbe3d
SHA256: b81d8db5114392bec3c704ea74a7ab7000b5e26199c7f9651a6768980bc17e5b
SHA512: 4c3870a0e302dea683f0a96e6719d34248f7072248b5f740e19f4ee6666142b8a4105077cbc13c0ee0351b6034a84a3e0ac9998efda7d18ef46451d4148caea7
SSDEEP: 1536:u6QFElP6n+gWMOtEvwDpjJGYQbN/PKwMgJ:u6a++OtEvwDpj6z9
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-29_202bfa72d33be21e18e2ef6d58937417_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-29_202bfa72d33be21e18e2ef6d58937417_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL