General
Target: 2024-03-10_0d3f2a1063f19b837cba305eb018f850_cryptolocker
Size: 37KB
Sample: 240310-f6knsade9v
MD5: 0d3f2a1063f19b837cba305eb018f850
SHA1: 520559f0be8ee7db5824e028b61d115d4516e713
SHA256: 75d5dc5a8cc4c66849ff04472410dbba46ec2d214f46f6534fea09080a73a2f7
SHA512: 890cb1b835a4238b697ce51cbfe444b39a28601dd2174259cb4564352fbfe0a4d1926676a2e47786ab3497010cd562b3198fcd3cf153eb5d4345c4a544f3407c
SSDEEP: 384:+cX+ni9VCr5nQI021q4VQBqURYpetOOtEvwDpjqIGRxzOP51FqQLicn3f3VhBlX1:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnv/1
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-10_0d3f2a1063f19b837cba305eb018f850_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-10_0d3f2a1063f19b837cba305eb018f850_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL