General
-
Target
2024-04-28_f532b07a119c2ff696a6024da20f9f20_cryptolocker
-
Size
42KB
-
Sample
240428-scab6sad24
-
MD5
f532b07a119c2ff696a6024da20f9f20
-
SHA1
e58b47709c0bce259b887240047586a982c74f26
-
SHA256
8ece53bcdad06233a28fff0f6fba1f18b92a3dbe28430837b54ed530b91b6427
-
SHA512
6c3fff32de64513059a24c4c2f900cf56031ea7d1d87b269961cd60fd6999f361ec5ba1168b442a976ac9bbcf0a8c07d6fd233d723f8136b67c11846ff4750e7
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/li:6j+1NMOtEvwDpjrRM
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-28_f532b07a119c2ff696a6024da20f9f20_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-28_f532b07a119c2ff696a6024da20f9f20_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-28_f532b07a119c2ff696a6024da20f9f20_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-