Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-05_d11a96bc8c8a637c556734172d8556a5_cryptolocker
-
Size
64KB
-
Sample
240405-ta1l1sgf43
-
MD5
d11a96bc8c8a637c556734172d8556a5
-
SHA1
8a4186720247748abeb71b002cb8fa109506bca8
-
SHA256
b20e8d7afe7451cfa5c87c19858f0c19b202afba5c6bffa863d22056e7f76bd1
-
SHA512
5edd1e0c6ce287e7e7b3f2a3c20408f5dd346591929aedd04e1460b4d9d1f50e8c5d3695be36b6e1666c68e6920040c8ed6bb2a9208d508e359f5d3c01b988ff
-
SSDEEP
1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszudnYTjipvF299do:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7W
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-05_d11a96bc8c8a637c556734172d8556a5_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-05_d11a96bc8c8a637c556734172d8556a5_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-05_d11a96bc8c8a637c556734172d8556a5_cryptolocker
-
Size
64KB
-
MD5
d11a96bc8c8a637c556734172d8556a5
-
SHA1
8a4186720247748abeb71b002cb8fa109506bca8
-
SHA256
b20e8d7afe7451cfa5c87c19858f0c19b202afba5c6bffa863d22056e7f76bd1
-
SHA512
5edd1e0c6ce287e7e7b3f2a3c20408f5dd346591929aedd04e1460b4d9d1f50e8c5d3695be36b6e1666c68e6920040c8ed6bb2a9208d508e359f5d3c01b988ff
-
SSDEEP
1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszudnYTjipvF299do:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7W
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-