General
-
Target
2024-04-30_7a509175e43910386dc723a853f8bb8f_cryptolocker
-
Size
41KB
-
Sample
240430-kch1bagc53
-
MD5
7a509175e43910386dc723a853f8bb8f
-
SHA1
961e194a0d79dd98c97b2393b992901107c92230
-
SHA256
e66778691695f3ad8a7f1cb4f56a80102d8356fdb9d978460017ba9aaa31199c
-
SHA512
8f2d8e89363322f49917b466efc32b8af384c47565bd9555c53761e861eb9012f144fde04589b2ad0203fd6ad96efe2de1ff8e89b57e068e0b1630a90749c48d
-
SSDEEP
768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhN:i5nkFGMOtEvwDpjR+viHshN7
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-30_7a509175e43910386dc723a853f8bb8f_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-04-30_7a509175e43910386dc723a853f8bb8f_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-