Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-15_b5a762993658cb569f29e629d44b9c4e_cryptolocker
-
Size
53KB
-
Sample
240615-rx86katflb
-
MD5
b5a762993658cb569f29e629d44b9c4e
-
SHA1
f2ff37a29f0ba7c4f10ea3bfd45a30df34604280
-
SHA256
708b685391ce3dae1cc0a0644135d85b694bd94077f803ee6518a8e331a01796
-
SHA512
70597870570df93bd805afe067889e25b2a3a33f8a4bb2b90121f49fcb0fd4bbf232b6eb7cdc826fc3f8eb29a3cb97407f1cbe71055f93bf743b2913a6b68c99
-
SSDEEP
768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKIRszDr6PR:79mqyNhQMOtEvwDpjBxe8TpXRSDePR
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-15_b5a762993658cb569f29e629d44b9c4e_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-06-15_b5a762993658cb569f29e629d44b9c4e_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-15_b5a762993658cb569f29e629d44b9c4e_cryptolocker
-
Size
53KB
-
MD5
b5a762993658cb569f29e629d44b9c4e
-
SHA1
f2ff37a29f0ba7c4f10ea3bfd45a30df34604280
-
SHA256
708b685391ce3dae1cc0a0644135d85b694bd94077f803ee6518a8e331a01796
-
SHA512
70597870570df93bd805afe067889e25b2a3a33f8a4bb2b90121f49fcb0fd4bbf232b6eb7cdc826fc3f8eb29a3cb97407f1cbe71055f93bf743b2913a6b68c99
-
SSDEEP
768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qn8pKIRszDr6PR:79mqyNhQMOtEvwDpjBxe8TpXRSDePR
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-