General
Target: 2024-04-21_1526adf377cec9e97f83607caa59c678_cryptolocker
Size: 41KB
Sample: 240421-bc8fjaef95
MD5: 1526adf377cec9e97f83607caa59c678
SHA1: 3a18e8b708b5a970c92595361f837bde16ca7d51
SHA256: cbff931e21cfa1b5b830b9f2474848d7b0db3ea303976e12412d946c64e1ac66
SHA512: caf66a798a0486a976c61dfaf19db74a18af8a7863d38bfd9ed5822cba9e9e5f812e5fa10bd04be69a2dab53c99768230fa07ce6221f43039d476cd82acb2d38
SSDEEP: 768:bCDOw9UiaKHfjnD0S16avdrQFiLjJvtAHR:bCDOw9aMDooc+vAx
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-21_1526adf377cec9e97f83607caa59c678_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-21_1526adf377cec9e97f83607caa59c678_cryptolocker.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-21_1526adf377cec9e97f83607caa59c678_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL