Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-11_413751da4758d8478c74e0b68abc176c_cryptolocker
-
Size
44KB
-
Sample
240311-s2kjfaad88
-
MD5
413751da4758d8478c74e0b68abc176c
-
SHA1
35ab95af491aab8413322f1ca84babd5facc7650
-
SHA256
c48d520bfc6a3ea448f47ca0c96fd3265afeab680520349d06882009153a881c
-
SHA512
2292ed82ea54690764829516694a543e3bc7708f1670b51b9bcbf51c608df21d5d2290bc891cb63d04bede4bd6527ed3748aa9b1522984f1018c703aba191151
-
SSDEEP
768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFqRoN60:bxNrC7kYo1Fxf3s05rwxbFvN60
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-11_413751da4758d8478c74e0b68abc176c_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-11_413751da4758d8478c74e0b68abc176c_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-11_413751da4758d8478c74e0b68abc176c_cryptolocker
-
Size
44KB
-
MD5
413751da4758d8478c74e0b68abc176c
-
SHA1
35ab95af491aab8413322f1ca84babd5facc7650
-
SHA256
c48d520bfc6a3ea448f47ca0c96fd3265afeab680520349d06882009153a881c
-
SHA512
2292ed82ea54690764829516694a543e3bc7708f1670b51b9bcbf51c608df21d5d2290bc891cb63d04bede4bd6527ed3748aa9b1522984f1018c703aba191151
-
SSDEEP
768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFqRoN60:bxNrC7kYo1Fxf3s05rwxbFvN60
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-