General
-
Target
2024-03-05_1a879c98810ebec9c517a0eb34679094_cryptolocker
-
Size
162KB
-
Sample
240305-x6xf1sfa6v
-
MD5
1a879c98810ebec9c517a0eb34679094
-
SHA1
5ab7c800a3afcb1c46ce8a42b2b6c9f0abc1b205
-
SHA256
bdd0b6357fff6008b07dc95633db5bd07a0f79ce9a4e3859053c77646fcb488a
-
SHA512
0f8f54904a9661cbc20fecdea7e99ab74329bf2698c0580ef38c3059d2f73023ac52e6615c575dec35616fd2ff26c7c8a7f4021dae63d4904cda61dcb658b29f
-
SSDEEP
1536:u6QFElP6n+gWMOtEvwDpjJGYQbN/PKwNgp699GNtL1emF:u6a++OtEvwDpj6zU
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-05_1a879c98810ebec9c517a0eb34679094_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-05_1a879c98810ebec9c517a0eb34679094_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-05_1a879c98810ebec9c517a0eb34679094_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-