General
Target: 2024-03-13_73563319660481bd66bca2cd855ce9d1_cryptolocker
Size: 87KB
Sample: 240313-zcjzyaga6y
MD5: 73563319660481bd66bca2cd855ce9d1
SHA1: ccc6978dcab79b2072b94d8d09b5e723e8cf1a80
SHA256: 0b75ab57a9dc0e397ff2cce783cb8628ff68a9a241978598d4a85098b3bda5e2
SHA512: a8eddc33f957bcec37a438feddac51028601b7f5f321796809e7eb1460ca61de292d32c3904346ba510762d6f5baf9a3c4a3cad7151fa9e75b58de3dd4c6001c
SSDEEP: 768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvxgn3:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8y3
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-13_73563319660481bd66bca2cd855ce9d1_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-13_73563319660481bd66bca2cd855ce9d1_cryptolocker.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-13_73563319660481bd66bca2cd855ce9d1_cryptolocker
Score: 9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-