Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-02_b6ad49e2c1c1cb80ed72905cb3a74381_cryptolocker
-
Size
52KB
-
Sample
240502-eam9csaa78
-
MD5
b6ad49e2c1c1cb80ed72905cb3a74381
-
SHA1
3796e6a49b8a770f154714f0ca4a061933b481ad
-
SHA256
f5ea53e4154e0c715d90307c4b320d6f06d97da2d491fc53d57d7c1b706b509f
-
SHA512
f8db3d70c018130e9df90ae3d43958536f1323a3394b7fdb23ffab5a029943023d7cea51a02f8585386696611f98d276fc5d33de325985d830a2db5808ec8000
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjyaLccCGXliH:V6a+pOtEvwDpjvDG
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-02_b6ad49e2c1c1cb80ed72905cb3a74381_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-02_b6ad49e2c1c1cb80ed72905cb3a74381_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-05-02_b6ad49e2c1c1cb80ed72905cb3a74381_cryptolocker
-
Size
52KB
-
MD5
b6ad49e2c1c1cb80ed72905cb3a74381
-
SHA1
3796e6a49b8a770f154714f0ca4a061933b481ad
-
SHA256
f5ea53e4154e0c715d90307c4b320d6f06d97da2d491fc53d57d7c1b706b509f
-
SHA512
f8db3d70c018130e9df90ae3d43958536f1323a3394b7fdb23ffab5a029943023d7cea51a02f8585386696611f98d276fc5d33de325985d830a2db5808ec8000
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjyaLccCGXliH:V6a+pOtEvwDpjvDG
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-