Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-16_acc3b2cec910db1c16842a8626b3c83a_cryptolocker
-
Size
76KB
-
Sample
240316-e8qr5sdh75
-
MD5
acc3b2cec910db1c16842a8626b3c83a
-
SHA1
bfe00b16606da29e5f85e0b1bac7fc7da24cb11e
-
SHA256
ec8d34a9205e227e02325eb8a9695eb2be27ee31c9d83cf92792f5e1e3021cab
-
SHA512
c9cf42821a0596b51acef2388ad637c374051087805efefbf37c06b93588985879f6b3a584bb577e9df0bd46d9b57c3d7188fac96a0ff0c7e3134a84a90cfdda
-
SSDEEP
1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KujdI:ZVxkGOtEvwDpjca+
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-16_acc3b2cec910db1c16842a8626b3c83a_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-16_acc3b2cec910db1c16842a8626b3c83a_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-16_acc3b2cec910db1c16842a8626b3c83a_cryptolocker
-
Size
76KB
-
MD5
acc3b2cec910db1c16842a8626b3c83a
-
SHA1
bfe00b16606da29e5f85e0b1bac7fc7da24cb11e
-
SHA256
ec8d34a9205e227e02325eb8a9695eb2be27ee31c9d83cf92792f5e1e3021cab
-
SHA512
c9cf42821a0596b51acef2388ad637c374051087805efefbf37c06b93588985879f6b3a584bb577e9df0bd46d9b57c3d7188fac96a0ff0c7e3134a84a90cfdda
-
SSDEEP
1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KujdI:ZVxkGOtEvwDpjca+
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-