General
Target: 2024-03-26_36373d568bd8470592e1e8e916f582f9_cryptolocker
Size: 80KB
Sample: 240326-vz9rnafd85
MD5: 36373d568bd8470592e1e8e916f582f9
SHA1: 0591702b2648a6d40b30433802f83ce099adc36f
SHA256: df44309d16ae8834b856dbc950bbadfd04ddc671e5df1cf9c03f1e2f86339400
SHA512: c34fa3f20c3d87d7ff24400492d054bedaeac72570e0fe25bbcaa9bb40c7bce45dc68b348d08cd8949a4c69f1fba3c936e272f9a54a092f00ae02d8521780cb9
SSDEEP: 1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrX:TCjsIOtEvwDpj5HE/OUHnSM9
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-26_36373d568bd8470592e1e8e916f582f9_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-26_36373d568bd8470592e1e8e916f582f9_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-03-26_36373d568bd8470592e1e8e916f582f9_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL