Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-28_62c314e29f9745dd12610b7b4b88b31d_cryptolocker
-
Size
50KB
-
Sample
240328-ea6eyabe69
-
MD5
62c314e29f9745dd12610b7b4b88b31d
-
SHA1
a5e983bd20a59114efb037c17b3ab6426cea9275
-
SHA256
d3189c75d70b79bf080611974bcfe553b235bfd4e0b7fad16f500e32c489e2db
-
SHA512
5d9d9740bc9dbe6633ccecec1d04d6e1c6e89f3fd8733be751774ae68a6c0d917c312e8ade0fd664b874fa2a387c2c1501f8219d5a67afafc516b4e75d447b96
-
SSDEEP
768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vxmlcOUNAl:X6QFElP6n+gJBMOtEvwDpjBtExmliWl
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_62c314e29f9745dd12610b7b4b88b31d_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_62c314e29f9745dd12610b7b4b88b31d_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-03-28_62c314e29f9745dd12610b7b4b88b31d_cryptolocker
-
Size
50KB
-
MD5
62c314e29f9745dd12610b7b4b88b31d
-
SHA1
a5e983bd20a59114efb037c17b3ab6426cea9275
-
SHA256
d3189c75d70b79bf080611974bcfe553b235bfd4e0b7fad16f500e32c489e2db
-
SHA512
5d9d9740bc9dbe6633ccecec1d04d6e1c6e89f3fd8733be751774ae68a6c0d917c312e8ade0fd664b874fa2a387c2c1501f8219d5a67afafc516b4e75d447b96
-
SSDEEP
768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vxmlcOUNAl:X6QFElP6n+gJBMOtEvwDpjBtExmliWl
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-