Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-29_ed219b68d56dacb2843e764a325df41e_cryptolocker
-
Size
49KB
-
Sample
240329-erw8lahd91
-
MD5
ed219b68d56dacb2843e764a325df41e
-
SHA1
4f68a08af30e01cb436af38eb6943acb29f442a9
-
SHA256
2aaa093378f6a2df9099c9d0820c7d132b1bfbbe7eead78cd765365ba9b12659
-
SHA512
ec20a1f995b4aa7151a023345e660497cd129391c012e9060d5a192508bb3231964eec2e442104a4ebc23d09491f80473d54f1d3a86ae1d9dc1db3910b975435
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRkHf:6j+1NMOtEvwDpjr8hhXi/
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-29_ed219b68d56dacb2843e764a325df41e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-29_ed219b68d56dacb2843e764a325df41e_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-29_ed219b68d56dacb2843e764a325df41e_cryptolocker
-
Size
49KB
-
MD5
ed219b68d56dacb2843e764a325df41e
-
SHA1
4f68a08af30e01cb436af38eb6943acb29f442a9
-
SHA256
2aaa093378f6a2df9099c9d0820c7d132b1bfbbe7eead78cd765365ba9b12659
-
SHA512
ec20a1f995b4aa7151a023345e660497cd129391c012e9060d5a192508bb3231964eec2e442104a4ebc23d09491f80473d54f1d3a86ae1d9dc1db3910b975435
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRkHf:6j+1NMOtEvwDpjr8hhXi/
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-