Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-28_0e5f2c5437422343c675dcb4247050e2_cryptolocker
-
Size
54KB
-
Sample
240328-2a3elsah55
-
MD5
0e5f2c5437422343c675dcb4247050e2
-
SHA1
f1b74fa909487edc3fd1a49b3abef44066583e42
-
SHA256
e1559e56dd28f6dd29eae755fd8d845691637c9b6bcf506ce3f3d2b1df56c503
-
SHA512
c8499f18de21ccfce830fb1f50e81fe78e0dfb25156027c56e175cf1a633e7f91db24bf606340857548f7a03d7ea9d928263be9bf16b70e2ea8b9b87eef872eb
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjeJQ7pojakl8eN:V6a+pOtEvwDpj0
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_0e5f2c5437422343c675dcb4247050e2_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-03-28_0e5f2c5437422343c675dcb4247050e2_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-28_0e5f2c5437422343c675dcb4247050e2_cryptolocker
-
Size
54KB
-
MD5
0e5f2c5437422343c675dcb4247050e2
-
SHA1
f1b74fa909487edc3fd1a49b3abef44066583e42
-
SHA256
e1559e56dd28f6dd29eae755fd8d845691637c9b6bcf506ce3f3d2b1df56c503
-
SHA512
c8499f18de21ccfce830fb1f50e81fe78e0dfb25156027c56e175cf1a633e7f91db24bf606340857548f7a03d7ea9d928263be9bf16b70e2ea8b9b87eef872eb
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjeJQ7pojakl8eN:V6a+pOtEvwDpj0
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-