Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-09_e198d9b93ef99fd1b97ba2861ee6e21e_cryptolocker
-
Size
59KB
-
Sample
240309-wb5cpsed7z
-
MD5
e198d9b93ef99fd1b97ba2861ee6e21e
-
SHA1
037e4c5bcd840f1bc8b55e185d3816bbdba1acdf
-
SHA256
2ae82dcda31569c1502ff35952bb31f71e911cf0bb1265ce2e8f04f35e3c0135
-
SHA512
174d6ae605a739a5b50e67403f594a4b718cdfd74f1e400b3a419da47912ed630a4f878ea2069906bc8d01777d125d21979127de5af625f9845c46df5abfb9a4
-
SSDEEP
1536:btB9g/xtCSKfxLIc//Xr+/AO/kIZ3ft2nVuTKB6nggOlHdUHg:btng54SMLr+/AO/kIhfoKMHd5
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-09_e198d9b93ef99fd1b97ba2861ee6e21e_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-09_e198d9b93ef99fd1b97ba2861ee6e21e_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-03-09_e198d9b93ef99fd1b97ba2861ee6e21e_cryptolocker
-
Size
59KB
-
MD5
e198d9b93ef99fd1b97ba2861ee6e21e
-
SHA1
037e4c5bcd840f1bc8b55e185d3816bbdba1acdf
-
SHA256
2ae82dcda31569c1502ff35952bb31f71e911cf0bb1265ce2e8f04f35e3c0135
-
SHA512
174d6ae605a739a5b50e67403f594a4b718cdfd74f1e400b3a419da47912ed630a4f878ea2069906bc8d01777d125d21979127de5af625f9845c46df5abfb9a4
-
SSDEEP
1536:btB9g/xtCSKfxLIc//Xr+/AO/kIZ3ft2nVuTKB6nggOlHdUHg:btng54SMLr+/AO/kIhfoKMHd5
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-