General
Target: 2024-03-15_ac3a5059cb8a09af789ec4d20fed52e0_cryptolocker
Size: 131KB
Sample: 240315-jgzm7abb4z
MD5: ac3a5059cb8a09af789ec4d20fed52e0
SHA1: 0221fe2bd2f1ce72f8f1a0c156b7396d4c2786a0
SHA256: 7c957600c8a9fe1f0ca4f1a42bc74471d0e1840728d674415f0f9bba3bce8aa5
SHA512: 5a8b81a7c9f560154546b959cd4b175f2f711e285ada59f10d614e5bf2e9d6ccf17fc8cdef886bd16ed2dcb3edc8d80b23504675e5f425518a1869410ebb53a8
SSDEEP: 1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgp699GNtL1eyk:V6a+pOtEvwDpjtz5
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-15_ac3a5059cb8a09af789ec4d20fed52e0_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-15_ac3a5059cb8a09af789ec4d20fed52e0_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL