Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-13_b3c71fe4784494d0c52bf5a5d3ffb6f4_cryptolocker
-
Size
104KB
-
Sample
240313-b9x13abc26
-
MD5
b3c71fe4784494d0c52bf5a5d3ffb6f4
-
SHA1
51a9c427eb277856a896b7baf866e1df7e26814b
-
SHA256
4ec9e919597ae3de952e3a3c30ff52f076fd16333db63c419ba68eee1be74753
-
SHA512
289acaf15e42ba3bb93245c3f325ec3ac5fa8cf1f335e1992794a6d374d3d15931142bef12d49a184e89cb692bc535ec48fd58c34c1e3bcb020489a608d0d792
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgpQbCJhA:V6a+pOtEvwDpjtzx
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-13_b3c71fe4784494d0c52bf5a5d3ffb6f4_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-13_b3c71fe4784494d0c52bf5a5d3ffb6f4_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-13_b3c71fe4784494d0c52bf5a5d3ffb6f4_cryptolocker
-
Size
104KB
-
MD5
b3c71fe4784494d0c52bf5a5d3ffb6f4
-
SHA1
51a9c427eb277856a896b7baf866e1df7e26814b
-
SHA256
4ec9e919597ae3de952e3a3c30ff52f076fd16333db63c419ba68eee1be74753
-
SHA512
289acaf15e42ba3bb93245c3f325ec3ac5fa8cf1f335e1992794a6d374d3d15931142bef12d49a184e89cb692bc535ec48fd58c34c1e3bcb020489a608d0d792
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgpQbCJhA:V6a+pOtEvwDpjtzx
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-