General
-
Target
2024-05-21_18540a33b182171daaf5d583e0855849_cryptolocker
-
Size
50KB
-
Sample
240521-e5g1tshf81
-
MD5
18540a33b182171daaf5d583e0855849
-
SHA1
487034b21adc0e69517c83bc210e3778abd34af7
-
SHA256
146b1f858b0871748d228a23b37c30b2235ce99f224156c46e17eb454562b1cb
-
SHA512
bc81c3318eedca71ac40ca4c2c7f821f8527398faa4808a76f608218efdc416589c9d5a624a86662dd55793ddc46d7ec2dd1e836b5bf79dcb13be4fc03a47c4d
-
SSDEEP
768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBaaEqbIu55id3AMWZUB:X6QFElP6n+gJQMOtEvwDpjB0GIWiWLqB
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-21_18540a33b182171daaf5d583e0855849_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-21_18540a33b182171daaf5d583e0855849_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-05-21_18540a33b182171daaf5d583e0855849_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-