General
Target
2024-03-14_e9688f4a9a458d74838cdbe913426482_cryptolocker
Size
123KB
Sample
240314-bbpa9sha32
MD5
e9688f4a9a458d74838cdbe913426482
SHA1
25191e979110b5c7f8c578bf13b29e0a3a73cd72
SHA256
dce0182142676cb449ff30430d565db8364b95dbf5ccbef320e10f2e05563a45
SHA512
72b7b9d52acad2c9675b3c126acbe5f9b61777b630bae4907c15163b91b8443d186d765f76534bc6fddf8918b4e3a9ce2c41571a57b5fd2561c60e437544cb1d
SSDEEP
1536:u6QFElP6n+gWMOtEvwDpjJGYQbN/PKwMgSuU+K:u6a++OtEvwDpj6zQ
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-14_e9688f4a9a458d74838cdbe913426482_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-14_e9688f4a9a458d74838cdbe913426482_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL