General
-
Target
2024-05-27_ed88d6c79983eb0686eb54fc98a81e74_cryptolocker
-
Size
57KB
-
Sample
240527-xeyj1adg6w
-
MD5
ed88d6c79983eb0686eb54fc98a81e74
-
SHA1
b708afd7618b1a92252f8a08cd06802c1cd8cd69
-
SHA256
f79c17360159127a86fa6f31bbfd527ce3e63f9a33e71e41c7bc45fa7c51ba3f
-
SHA512
b82dae5de89222db0f3ba358945ba97fa206d4be02a4102ea955b8c7734031252f3c8de7c289fbffb740b78bbcf8f04975a3ab48c0e2cc51a532e2e252cdc2ee
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e4P:6j+1NMOtEvwDpjr8oxExe4P
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-27_ed88d6c79983eb0686eb54fc98a81e74_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-27_ed88d6c79983eb0686eb54fc98a81e74_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-27_ed88d6c79983eb0686eb54fc98a81e74_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-