General
Target: 2024-03-14_c2e6d206f3464a104aeb8cddfef0e56d_cryptolocker
Size: 58KB
Sample: 240314-gqfwbscc5s
MD5: c2e6d206f3464a104aeb8cddfef0e56d
SHA1: d90a3e546433da61b5af605e7a6331d4a09e5dd3
SHA256: a310d90da4af6a293b5c1293789ae2cc92a8039152ec86b8a0fdc307d714d7bb
SHA512: 1457e199e7b1cf5a74ebac115c9c76f28334b23b77b663df1f3094cc02cae5da1767133d40465883565e49d1c70c2347e63d10283fc17969af9592f7273deed8
SSDEEP: 768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7Goi20PbVY:xj+VGMOtEvwDpjubEgV20DO
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-14_c2e6d206f3464a104aeb8cddfef0e56d_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-14_c2e6d206f3464a104aeb8cddfef0e56d_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-14_c2e6d206f3464a104aeb8cddfef0e56d_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL