Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-09_5864028980512bc1448bdfb7b1844025_cryptolocker
-
Size
77KB
-
Sample
240609-d8qlpsdh36
-
MD5
5864028980512bc1448bdfb7b1844025
-
SHA1
573194d9d1930a0711db97a979ce67e663911d09
-
SHA256
d529207e17019a9c1ad475ea5858e0b0d3f9b3596cedf0ee7d5db7693557f0f3
-
SHA512
4850d1a5811e5ac4b327174758ef1e3bdad4b77f6b54b4d4c3cd474c8ec7df2c2ce0e505d5ed8fc00b6756f25676308d229dc54e2648158d7921b1193436bcd9
-
SSDEEP
1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUn:ZVxkGOtEvwDpjcaj
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-09_5864028980512bc1448bdfb7b1844025_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-06-09_5864028980512bc1448bdfb7b1844025_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-09_5864028980512bc1448bdfb7b1844025_cryptolocker
-
Size
77KB
-
MD5
5864028980512bc1448bdfb7b1844025
-
SHA1
573194d9d1930a0711db97a979ce67e663911d09
-
SHA256
d529207e17019a9c1ad475ea5858e0b0d3f9b3596cedf0ee7d5db7693557f0f3
-
SHA512
4850d1a5811e5ac4b327174758ef1e3bdad4b77f6b54b4d4c3cd474c8ec7df2c2ce0e505d5ed8fc00b6756f25676308d229dc54e2648158d7921b1193436bcd9
-
SSDEEP
1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJN6tZdOyJ3KUn:ZVxkGOtEvwDpjcaj
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-