General
Target: 2024-03-10_48b043f5e822bec06cac1f7e94d10fb6_cryptolocker
Size: 40KB
Sample: 240310-b6v3ashd9x
MD5: 48b043f5e822bec06cac1f7e94d10fb6
SHA1: c2afe62bb81b6cf97811ddb26660f4faaee5d6b3
SHA256: e0f2f3ff66adea72666265115f26d1b40b4d12ebf2d89220fcf2ee91d617ba2a
SHA512: f92039e733525df3b80fb98cb99548c9247ca4cca05188d9a6bf616f2f547beee27a55b722e198ce4e1b1afe59597dc3263ac105fc0ddf9df0b1d6b495240b94
SSDEEP: 768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRnw:m5nkFNMOtEvwDpjG8hhXO
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-10_48b043f5e822bec06cac1f7e94d10fb6_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-10_48b043f5e822bec06cac1f7e94d10fb6_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-10_48b043f5e822bec06cac1f7e94d10fb6_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL