Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-06_c3854812b4e2bb92b8e7663b4a0ed89c_cryptolocker
-
Size
87KB
-
Sample
240606-ywcjjacd75
-
MD5
c3854812b4e2bb92b8e7663b4a0ed89c
-
SHA1
df6a54f74d9f06baa66ce32c0b4de3ac3f157981
-
SHA256
2fc6062c94d3ff6a37c63f6034f5db1b00f80e66ce3c745c1278f47fa62d96b0
-
SHA512
b5ef476a6aa54fccbf1ab21e1dafc6292ae21232272ad5de7adc90802840d45431a48f9a71ea5cb42902f7308e3b17e3e16c9761d1baa4ea1b1203878a3ee895
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNl6aP:V6a+pOtEvwDpjvp7
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-06_c3854812b4e2bb92b8e7663b4a0ed89c_cryptolocker.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-06-06_c3854812b4e2bb92b8e7663b4a0ed89c_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-06-06_c3854812b4e2bb92b8e7663b4a0ed89c_cryptolocker
-
Size
87KB
-
MD5
c3854812b4e2bb92b8e7663b4a0ed89c
-
SHA1
df6a54f74d9f06baa66ce32c0b4de3ac3f157981
-
SHA256
2fc6062c94d3ff6a37c63f6034f5db1b00f80e66ce3c745c1278f47fa62d96b0
-
SHA512
b5ef476a6aa54fccbf1ab21e1dafc6292ae21232272ad5de7adc90802840d45431a48f9a71ea5cb42902f7308e3b17e3e16c9761d1baa4ea1b1203878a3ee895
-
SSDEEP
1536:V6QFElP6n+gMQMOtEvwDpjyaLccVNl6aP:V6a+pOtEvwDpjvp7
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-