General
-
Target
2024-03-29_bfb12bc505ca7736641758ac7b36758b_cryptolocker
-
Size
64KB
-
Sample
240329-wjgavaeb9x
-
MD5
bfb12bc505ca7736641758ac7b36758b
-
SHA1
40386403a0552097580e60ceb22506c92d24d65e
-
SHA256
12dd746c4fb22315953508e7e85a0702c088607682e8da266f41379dc7d46e71
-
SHA512
72e8dc462484cc7579a573148c0eeb837fae61d89883ed5bb796b0d51c429e5cdd3c579db04aea3984194e7bfbb286a82cd3e09375723ad5fa9b29509b511df3
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEMpf:6j+1NMOtEvwDpjr8ox8UDEI
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-29_bfb12bc505ca7736641758ac7b36758b_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-29_bfb12bc505ca7736641758ac7b36758b_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-29_bfb12bc505ca7736641758ac7b36758b_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-