Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-08_b06d855689815ab8d8e34e298967ed22_cryptolocker
-
Size
99KB
-
Sample
240408-s32t4sch63
-
MD5
b06d855689815ab8d8e34e298967ed22
-
SHA1
5c1d8316658db37abb10a126e9a94f5fa50b22ab
-
SHA256
a9ce0cb3c8cbb258dcb546960111584b25bb65be1d835d9a5a10a5ba63bdb8bd
-
SHA512
75aa3cca5c0c83beef6d0178b6cc4cd35c92c8e950275dfad212558a5be843680a9474828a1d1b016552545aa73eef19295892c63de8dc1917368500a827f9a2
-
SSDEEP
1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNCWwm:26a+2OtEvwDpjtzJ
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-08_b06d855689815ab8d8e34e298967ed22_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-08_b06d855689815ab8d8e34e298967ed22_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-08_b06d855689815ab8d8e34e298967ed22_cryptolocker
-
Size
99KB
-
MD5
b06d855689815ab8d8e34e298967ed22
-
SHA1
5c1d8316658db37abb10a126e9a94f5fa50b22ab
-
SHA256
a9ce0cb3c8cbb258dcb546960111584b25bb65be1d835d9a5a10a5ba63bdb8bd
-
SHA512
75aa3cca5c0c83beef6d0178b6cc4cd35c92c8e950275dfad212558a5be843680a9474828a1d1b016552545aa73eef19295892c63de8dc1917368500a827f9a2
-
SSDEEP
1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNCWwm:26a+2OtEvwDpjtzJ
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-