General
Target: 2024-04-30_d44dd708ec39c2c34484e8e923850959_cryptolocker
Size: 40KB
Sample: 240430-gavpjseb9s
MD5: d44dd708ec39c2c34484e8e923850959
SHA1: a1ebfce2cc90b279bc2f621b7f1ebb969a08d404
SHA256: 8626010aaeff0f868adac3588509444a9d6d89461e7ec4336e68cffe608975bf
SHA512: b9b659bc7fb9812bb1056ae9cf2aebdcbc302061b83f8b033fc28f409f12a8c0b6872ef7c3b7cabfece02261b01a90edae03118536505120f9da56661def5945
SSDEEP: 768:bA74zYcgT/Ekd0ryfjPIunqpeNswmT3Hwk:bA6YcA/X6G0W143Qk
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-30_d44dd708ec39c2c34484e8e923850959_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-30_d44dd708ec39c2c34484e8e923850959_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-04-30_d44dd708ec39c2c34484e8e923850959_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL