General
Target: 2024-03-26_b54849c8b5371a97e60524eaf13874f8_cryptolocker
Size: 49KB
Sample: 240326-ygckzsaf33
MD5: b54849c8b5371a97e60524eaf13874f8
SHA1: 992147a0625afc8b754cafaaa0603850e4abbd43
SHA256: 1ba54154c20657d3a4f84fbf58ec268c9213e5ba8569db53392dd18bb539c2b3
SHA512: 19567909a3af605a74ca6ff1ea7e3a9c4fc984a04151f7bcc2accd7c9f99597fa8b50f5bd4e0c5ca59d7112c52c81ebfc4e92190f56024571f25c29c0a05e1de
SSDEEP: 768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaaEqbIu55id3AMWZpl:X6QFElP6n+gJQMOtEvwDpjB0GIWiWLnl
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-26_b54849c8b5371a97e60524eaf13874f8_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-26_b54849c8b5371a97e60524eaf13874f8_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-26_b54849c8b5371a97e60524eaf13874f8_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL