Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-26_f2c6883895b92ab98185477c1f155131_cryptolocker
-
Size
53KB
-
Sample
240326-gnyncsgc5x
-
MD5
f2c6883895b92ab98185477c1f155131
-
SHA1
a9f1024b9222a0c6ac528ce8cce40ab24371838b
-
SHA256
e3fc2f869c876ec1aa3901850157f8385cd8f2bf348e075f710ac269920a3a89
-
SHA512
a4cb3374089797f21a5cff23c7469d781e7dbac9be786fde0cfd758f2b1fabf3a397dfd65175c19fa0b55a8b24f09901b9db510f70e428b6b359115706ce615b
-
SSDEEP
768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCW1nw71TkhsiPn1YFv0itHg:vj+jsMQMOtEvwDpj5HH1nw73KOFsiNg
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-26_f2c6883895b92ab98185477c1f155131_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-26_f2c6883895b92ab98185477c1f155131_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-26_f2c6883895b92ab98185477c1f155131_cryptolocker
-
Size
53KB
-
MD5
f2c6883895b92ab98185477c1f155131
-
SHA1
a9f1024b9222a0c6ac528ce8cce40ab24371838b
-
SHA256
e3fc2f869c876ec1aa3901850157f8385cd8f2bf348e075f710ac269920a3a89
-
SHA512
a4cb3374089797f21a5cff23c7469d781e7dbac9be786fde0cfd758f2b1fabf3a397dfd65175c19fa0b55a8b24f09901b9db510f70e428b6b359115706ce615b
-
SSDEEP
768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCW1nw71TkhsiPn1YFv0itHg:vj+jsMQMOtEvwDpj5HH1nw73KOFsiNg
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-