General
Target: 2024-03-12_b0138e1da5fdb3af970fa9848a2a913c_cryptolocker
Size: 128KB
Sample: 240312-py4w5abb46
MD5: b0138e1da5fdb3af970fa9848a2a913c
SHA1: 849b5e65e59932c6efcfcc76ba5d71a35bd47235
SHA256: 491187444a1dbfec709afb612008e72e3027f5d6f9eaecbcef012db8d33b5a51
SHA512: 2cbe578a1992bcfbedea90bb92908a4dd9daaa566f47a1f9034c35405cfec2056c88af1a30d4511c390d767909c64f70ba6d1f54293a136d9af40c468acccdf1
SSDEEP: 1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVbvh//6:vCjsIOtEvwDpj5H9YvQd2RA
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-12_b0138e1da5fdb3af970fa9848a2a913c_cryptolocker.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-03-12_b0138e1da5fdb3af970fa9848a2a913c_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-03-12_b0138e1da5fdb3af970fa9848a2a913c_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL