General
Target: 2024-03-08_d67ebbdc6bc495aad3f24e28178db240_cryptolocker
Size: 68KB
Sample: 240308-g3a6lshc27
MD5: d67ebbdc6bc495aad3f24e28178db240
SHA1: a43a9cbaf41a306846a8126d31957eb50631503b
SHA256: 5e6aea223c6741a86a42dd3126bf133a79afb33701790559afa0283c47375759
SHA512: 656b377f25c25334283e157ec4d9c2ef370a77bacad5ce15865266aeb82aba6ce1506e5702005f8225f0b327916b4cd0828d8c678bf9ea9f05be7df21be490d6
SSDEEP: 1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUri:DW60sllyWOtEvwDpjwF85k
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-08_d67ebbdc6bc495aad3f24e28178db240_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-08_d67ebbdc6bc495aad3f24e28178db240_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-08_d67ebbdc6bc495aad3f24e28178db240_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL