Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-27_ba465a035b0f85e336873c4f777c4b5e_cryptolocker
-
Size
50KB
-
Sample
240327-ep385acd59
-
MD5
ba465a035b0f85e336873c4f777c4b5e
-
SHA1
8d4a99dcbd877272e0788647f655f57b46c35606
-
SHA256
c7c230d3dd29da71f85c539b3348a3f136f25dac6abf2551187283edccf21e15
-
SHA512
789c5adce67c11268f4400717e83dfcaf504c5a7e63e2ffc0b8927292cdc53798a3ae35edaaf74ca6e72691e4a67c9b215d5439b9a92009989838d6cdd3342b0
-
SSDEEP
768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0Fmy7gKt/:vj+jsMQMOtEvwDpj5HczerLO04y7t
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-27_ba465a035b0f85e336873c4f777c4b5e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-27_ba465a035b0f85e336873c4f777c4b5e_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-03-27_ba465a035b0f85e336873c4f777c4b5e_cryptolocker
-
Size
50KB
-
MD5
ba465a035b0f85e336873c4f777c4b5e
-
SHA1
8d4a99dcbd877272e0788647f655f57b46c35606
-
SHA256
c7c230d3dd29da71f85c539b3348a3f136f25dac6abf2551187283edccf21e15
-
SHA512
789c5adce67c11268f4400717e83dfcaf504c5a7e63e2ffc0b8927292cdc53798a3ae35edaaf74ca6e72691e4a67c9b215d5439b9a92009989838d6cdd3342b0
-
SSDEEP
768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr42A7n0Fmy7gKt/:vj+jsMQMOtEvwDpj5HczerLO04y7t
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-