Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-18_aede190998646101976f622d8d30782b_cryptolocker
-
Size
102KB
-
Sample
240418-mrk5bsca31
-
MD5
aede190998646101976f622d8d30782b
-
SHA1
4349ffe6add0d9dfeba4f98e5f28435bc203ca05
-
SHA256
d3cab709976536891c5efc408bb65d4903a8e12a05ac7a7f7e3974ef2af52b2b
-
SHA512
735d2f193bcf3cda2f1bb94cf9f4dd69c3ea2e305c0994dccbbb6d438db17a567b2062e2c228213de22726adfafb6ce71889e484ed4e542d0125ca0b0bc46988
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJHlv/k2NMeo6:xj+VGMOtEvwDpjubwQEIiVmkxv/Lo6
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-18_aede190998646101976f622d8d30782b_cryptolocker.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2024-04-18_aede190998646101976f622d8d30782b_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-18_aede190998646101976f622d8d30782b_cryptolocker
-
Size
102KB
-
MD5
aede190998646101976f622d8d30782b
-
SHA1
4349ffe6add0d9dfeba4f98e5f28435bc203ca05
-
SHA256
d3cab709976536891c5efc408bb65d4903a8e12a05ac7a7f7e3974ef2af52b2b
-
SHA512
735d2f193bcf3cda2f1bb94cf9f4dd69c3ea2e305c0994dccbbb6d438db17a567b2062e2c228213de22726adfafb6ce71889e484ed4e542d0125ca0b0bc46988
-
SSDEEP
768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZ7uyA36S7MpxRiWNa9mktJHlv/k2NMeo6:xj+VGMOtEvwDpjubwQEIiVmkxv/Lo6
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-