General
-
Target
2024-03-09_391f214fc4e56de2da8a8642385ff866_cryptolocker
-
Size
41KB
-
Sample
240309-e6a9nsdf2s
-
MD5
391f214fc4e56de2da8a8642385ff866
-
SHA1
cf17f8892b046791d9b0d03a5043788e9d6b15b1
-
SHA256
91373d2c09bbfbf7784ea38c9c68fddad2d2f5e578477e076ddfc140c88ff6de
-
SHA512
e93f88bf5b7b8f31db558407573e6aaad8e4a753fe4506fa2d41c4778a5f7dab93a2c88345750ac6b25858ba5c8af8b3743f1ef6a4b4b27d208e7f8768ef5233
-
SSDEEP
384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzoiM8Nekdvjl9V50i3NbZM+iv:bAvJCYOOvbRPDEgXrNekd7l94i3p+b
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-09_391f214fc4e56de2da8a8642385ff866_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-09_391f214fc4e56de2da8a8642385ff866_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-09_391f214fc4e56de2da8a8642385ff866_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-