General
-
Target
2024-03-12_2afd3d4d709097f4d004236db5cc89e0_cryptolocker
-
Size
40KB
-
Sample
240312-xe3tqaae38
-
MD5
2afd3d4d709097f4d004236db5cc89e0
-
SHA1
1cf0aa0b95fbe292a219cdec04ffb5b6485b7842
-
SHA256
6e40b98719c61854c673bc6af47d0031259646c1620426ef5b691ac4af3e72c5
-
SHA512
f4c980f118514b8246d045f52d8873391f67412a3980d92457d5715a83fc2cbd2fd6d7f0b0dca25861b518c4704e39edbbb02aa04c674a166731b0352ed81f3e
-
SSDEEP
384:bgX4uGLLQRcsdeQ7/nQu63Ag7YmecFanrlwfjDUkKDfWf0w3sp8u5co9+slY:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+su
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-12_2afd3d4d709097f4d004236db5cc89e0_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-12_2afd3d4d709097f4d004236db5cc89e0_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-