General
Target: 2024-03-08_56cf5f764871a372bb83ac1441171a58_cryptolocker
Size: 51KB
Sample: 240308-d5ysxaed26
MD5: 56cf5f764871a372bb83ac1441171a58
SHA1: 984c67a2c4b231697cd1e327e2e82c5eeae369b7
SHA256: 3b5d96c1f6eda8e49ec8b09956382374037d336ad351cd4f2eb3e6d7568b3c59
SHA512: e0516515a20e9cb34c6314c3ea0c671d58f50faad7f1987b98913c304972a9f9642dac2ef2c7ecb7c915992a57339ef0e699bbc5940948f2638787763e241580
SSDEEP: 768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vbEdoJ:X6QFElP6n+gJBMOtEvwDpjBtEB
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-08_56cf5f764871a372bb83ac1441171a58_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-08_56cf5f764871a372bb83ac1441171a58_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-08_56cf5f764871a372bb83ac1441171a58_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL