General
Target: 2024-03-28_38c96a18bdc51b28453f78a1878b47c4_cryptolocker
Size: 40KB
Sample: 240328-yjyk8seh7s
MD5: 38c96a18bdc51b28453f78a1878b47c4
SHA1: 69288e00d5ef34ecbda0d3691aecbc3b0f226161
SHA256: 3271f213ec3fdda0d06e8b1c29afbe296bce5cc575d3db7a73404c77ae0a80f5
SHA512: f37d4ceef3a7928d03b9bb9d2d0472955e6300534c03e5c0caecefd8cb686881e814430373d0110cf55e377eb2b4a49da1e6977b484d3ecf227ff358d1085ff0
SSDEEP: 768:bCDOw9UiaKHfjnD0S16avdrQFiLjJvtAIh:bCDOw9aMDooc+vAk
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-28_38c96a18bdc51b28453f78a1878b47c4_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-28_38c96a18bdc51b28453f78a1878b47c4_cryptolocker.exe
  Resource: win10v2004-20240319-en
Malware Config
Targets
Target: 2024-03-28_38c96a18bdc51b28453f78a1878b47c4_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL