General
-
Target
2024-05-30_56283cec4b551c365d20cb6b974cf26c_cryptolocker
-
Size
65KB
-
Sample
240530-3wcxhsfh72
-
MD5
56283cec4b551c365d20cb6b974cf26c
-
SHA1
b74588468a974dc99f1a89a598b2b292edd97a87
-
SHA256
0b6be9baf72ab6c473638f12ee90b31647385ac856c8b4c1b2853e8d35037d65
-
SHA512
cd38a6d5f11c6e3f4b80457657ad7bbac839bd00ee88cf10cfe3f7b0cfdf96f77b556b26077b50790ad3e40aac53a3bf5f0138fa5180d79c7386a9b2c599eee0
-
SSDEEP
1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMTIzYr:TCjsIOtEvwDpj5HE/OUHnSM0
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-30_56283cec4b551c365d20cb6b974cf26c_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-30_56283cec4b551c365d20cb6b974cf26c_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-30_56283cec4b551c365d20cb6b974cf26c_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-