General
-
Target
2024-03-27_91f47150116a2e7b51f798b23dde781f_cryptolocker
-
Size
101KB
-
Sample
240327-zfe56abe98
-
MD5
91f47150116a2e7b51f798b23dde781f
-
SHA1
b124a18e713021a3a38fde2046039a77d4a61055
-
SHA256
cea086049388eb0027e13a006c64f46595a32c2510345daf77236ddcc9d27995
-
SHA512
d5a8e648bf41e8ff74ee65a92605127cb33972454a2d23699f36c46b736abf5fe27dcbd734ae686c7e0b186466e5cfa37302a6fb31b1c94149c774e4dfd4c553
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRiWjz/6VVG:i5nkFGMOtEvwDpjNbwQEIikrV
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-27_91f47150116a2e7b51f798b23dde781f_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-27_91f47150116a2e7b51f798b23dde781f_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-03-27_91f47150116a2e7b51f798b23dde781f_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-