General
Target: 2024-05-04_59a69d3cdc90dda2a0468d1325bbe011_cryptolocker
Size: 31KB
Sample: 240504-e9papsgc92
MD5: 59a69d3cdc90dda2a0468d1325bbe011
SHA1: 16dd23650a1bce18532360a6b4992dca0fd6d4dd
SHA256: c6e8a07f1b0581c238d278c96fbcd4bd94365518644a4e62ce2528fc64fb126d
SHA512: f93b80aeebfb99372ce1dde079ff6eabe2c3265453da9921636555376f0f82ca62da7156a3ab28cb67f900055a4bedf10eb836d11d07dd5b9bbba5eb6ead975b
SSDEEP: 384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvf:bG74zYcgT/Ekd0ryfjkf
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-04_59a69d3cdc90dda2a0468d1325bbe011_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-04_59a69d3cdc90dda2a0468d1325bbe011_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-05-04_59a69d3cdc90dda2a0468d1325bbe011_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL