General
Target: 2024-05-04_6526e70e4962e7975fc6c5a3888e2b1e_cryptolocker
Size: 79KB
Sample: 240504-x9pkksbf48
MD5: 6526e70e4962e7975fc6c5a3888e2b1e
SHA1: 1d1dffa0732a41f4754a9b59151379602e4ed993
SHA256: 50918409db0209b52a30fcab31cb566d73c772d84fe581212a6e1071f700690e
SHA512: 0462744a0b694dc271fd1fe57abf480a76e112bbd4971dec3e3f46b16702f10683fda16201f8c84149e665e90d90772a838c1a3ae57f91b14c9fa9f4cfcd90c2
SSDEEP: 1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNlupU:V6a+pOtEvwDpjvpN
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-04_6526e70e4962e7975fc6c5a3888e2b1e_cryptolocker.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-05-04_6526e70e4962e7975fc6c5a3888e2b1e_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-05-04_6526e70e4962e7975fc6c5a3888e2b1e_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL