Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-08_b717af6d78bf813d29b3dd649138bbbb_cryptolocker
-
Size
40KB
-
Sample
240308-ee2ybaef49
-
MD5
b717af6d78bf813d29b3dd649138bbbb
-
SHA1
c4a8a0acb6b5ff2693a01773f898510dd893349d
-
SHA256
d85c6a67ae91a6f495db1f4fbfe129048694882740d6f8b40bb6427d70b2c95f
-
SHA512
d0da23fd146f6209dba88487e8565cd189ff012cc68bd86adb1525402fc8aef49ce18f8cfdb8d96098e6370692785c1e0766d33d98932b8dfc91df70bd1ce817
-
SSDEEP
768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/Ja:bAvJCF+RQgJeab4sy/lg
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-08_b717af6d78bf813d29b3dd649138bbbb_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-08_b717af6d78bf813d29b3dd649138bbbb_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-08_b717af6d78bf813d29b3dd649138bbbb_cryptolocker
-
Size
40KB
-
MD5
b717af6d78bf813d29b3dd649138bbbb
-
SHA1
c4a8a0acb6b5ff2693a01773f898510dd893349d
-
SHA256
d85c6a67ae91a6f495db1f4fbfe129048694882740d6f8b40bb6427d70b2c95f
-
SHA512
d0da23fd146f6209dba88487e8565cd189ff012cc68bd86adb1525402fc8aef49ce18f8cfdb8d96098e6370692785c1e0766d33d98932b8dfc91df70bd1ce817
-
SSDEEP
768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yY/Ja:bAvJCF+RQgJeab4sy/lg
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-