General
Target: 2024-02-29_94d580260683ab09d1159ad78fa33906_cryptolocker
Size: 43KB
Sample: 240229-gfns7agb5v
MD5: 94d580260683ab09d1159ad78fa33906
SHA1: 89b2ad54c54641f75bc9f3340d0bd364be957e87
SHA256: d020005b946117a2f020fdfd9451b9358946ccf3b9c6f1a0773fc73fb4dd398a
SHA512: cd8e0a2133936493d4c438a2d77eb1cfa198813bac844b1f39a73d64a4eb670a3af75b3c5f500452604880566e5ea0cb20c371b6dcdb3025670d1da739cd247a
SSDEEP: 768:bIDOw9UiaCHfjnE0Sf88AvvP1oghYvm9/6D8jnPxBIGJL:bIDOw9a0Dwo3P1ojvUSD4PXIGF
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-29_94d580260683ab09d1159ad78fa33906_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-29_94d580260683ab09d1159ad78fa33906_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-02-29_94d580260683ab09d1159ad78fa33906_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL