Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-27_d60b33922728cba1291b558fb3a47027_cryptolocker
-
Size
88KB
-
Sample
240427-fxyjaabh37
-
MD5
d60b33922728cba1291b558fb3a47027
-
SHA1
b834fd3fe03055a01eb9f4e5bae4ba3aa200c172
-
SHA256
76aee393cf82dbf01bc2da343348cec201ad658987c50e9110857cb81c58e52c
-
SHA512
55b6c525c3d4c10ef06c0ec2cf66e609a5c19d54aa851bbe38d7cd6860f017388a76816d016a17e7e9e59f7cc7cdfafa5bb74638ac01167c3e16a2df50828865
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvAcD:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8AcD
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-27_d60b33922728cba1291b558fb3a47027_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-27_d60b33922728cba1291b558fb3a47027_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-27_d60b33922728cba1291b558fb3a47027_cryptolocker
-
Size
88KB
-
MD5
d60b33922728cba1291b558fb3a47027
-
SHA1
b834fd3fe03055a01eb9f4e5bae4ba3aa200c172
-
SHA256
76aee393cf82dbf01bc2da343348cec201ad658987c50e9110857cb81c58e52c
-
SHA512
55b6c525c3d4c10ef06c0ec2cf66e609a5c19d54aa851bbe38d7cd6860f017388a76816d016a17e7e9e59f7cc7cdfafa5bb74638ac01167c3e16a2df50828865
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvAcD:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8AcD
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-