Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-16_811948d0df37188fec4150cc2e2679c2_cryptolocker
-
Size
43KB
-
Sample
240516-1da9vshd5s
-
MD5
811948d0df37188fec4150cc2e2679c2
-
SHA1
e61bba2385ba71e64ed8c8a370a29d972a0e4b1b
-
SHA256
fc737944d865aba9148784b78a5ddd29fa0f7da8752b74b00f77645eb375eea9
-
SHA512
5337475b33fe604d3e4791fc5691a62e467c61c6a4a9850d3e6a8688704836f217bcba5ee4dbf51d1b8ae262b4cdb578e5aefd5d5408f35d0d9af146d4aed889
-
SSDEEP
384:bm74uGLLQRcsdeQ72ngEr4K7YmE8uYo0nrlwfjDUrz:bm74zYcgT/Ek70ryfjW
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-16_811948d0df37188fec4150cc2e2679c2_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-16_811948d0df37188fec4150cc2e2679c2_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-16_811948d0df37188fec4150cc2e2679c2_cryptolocker
-
Size
43KB
-
MD5
811948d0df37188fec4150cc2e2679c2
-
SHA1
e61bba2385ba71e64ed8c8a370a29d972a0e4b1b
-
SHA256
fc737944d865aba9148784b78a5ddd29fa0f7da8752b74b00f77645eb375eea9
-
SHA512
5337475b33fe604d3e4791fc5691a62e467c61c6a4a9850d3e6a8688704836f217bcba5ee4dbf51d1b8ae262b4cdb578e5aefd5d5408f35d0d9af146d4aed889
-
SSDEEP
384:bm74uGLLQRcsdeQ72ngEr4K7YmE8uYo0nrlwfjDUrz:bm74zYcgT/Ek70ryfjW
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-