General
Target: 2024-04-27_fb5a09cd8fc1aa8b5f70c5e267e6c1b4_cryptolocker
Size: 55KB
Sample: 240427-f2r73acg5y
MD5: fb5a09cd8fc1aa8b5f70c5e267e6c1b4
SHA1: dd1b1845811ee73d12ff4c851d859f841fb98b3a
SHA256: 4aa4d9029a7fa0f80bd40ad462c1e295338822ec91f18a3497d04396c0e2ffe9
SHA512: fad430d2d7a7c2ec3e4ecb45b3d96888a1b4bc3423daffe8a295a9d3ca2e1e4c7c3d48145874b8f11d48c4d04eed8dfdb9fbd17d189bc966199cb7b710d58324
SSDEEP: 768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/eld:6j+1NMOtEvwDpjr8oxExe/
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-27_fb5a09cd8fc1aa8b5f70c5e267e6c1b4_cryptolocker.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-04-27_fb5a09cd8fc1aa8b5f70c5e267e6c1b4_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Detects executables built or packed with MPress PE compressor
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL