Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-08_1f27c53a6ca613a5cc491f3a11ae0005_cryptolocker
-
Size
50KB
-
Sample
240308-f79z3agc49
-
MD5
1f27c53a6ca613a5cc491f3a11ae0005
-
SHA1
f5226d8a1619fed4426bad6eac3e4d8ddf3bd479
-
SHA256
8b9c1b34f8eb03e64f5274e37b5556779c2c31d7e5d570d1d45298f4704578eb
-
SHA512
61fba55947d6acc50bfbe1f8dba305430e196bc1d7026a2f26191fb445a442d58751ae6ff1750c5cdc69554a366f8729fa48050040a043e4aa178c8214960bcf
-
SSDEEP
1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1xzpAII2:aq7tdgI2MyzNORQtOflIwoHNV2XBFV78
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-08_1f27c53a6ca613a5cc491f3a11ae0005_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-08_1f27c53a6ca613a5cc491f3a11ae0005_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-08_1f27c53a6ca613a5cc491f3a11ae0005_cryptolocker
-
Size
50KB
-
MD5
1f27c53a6ca613a5cc491f3a11ae0005
-
SHA1
f5226d8a1619fed4426bad6eac3e4d8ddf3bd479
-
SHA256
8b9c1b34f8eb03e64f5274e37b5556779c2c31d7e5d570d1d45298f4704578eb
-
SHA512
61fba55947d6acc50bfbe1f8dba305430e196bc1d7026a2f26191fb445a442d58751ae6ff1750c5cdc69554a366f8729fa48050040a043e4aa178c8214960bcf
-
SSDEEP
1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszsbKY1xzpAII2:aq7tdgI2MyzNORQtOflIwoHNV2XBFV78
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-