General
-
Target
2024-01-18_4db7c367ea37f008804eb942f19896a9_cryptolocker
-
Size
84KB
-
Sample
240118-2n5f5adcg3
-
MD5
4db7c367ea37f008804eb942f19896a9
-
SHA1
a1a046b12decf91d05de5d8a39501676dbe2f662
-
SHA256
f8312c479e8e7983d293848318cfec432cc2983ef8cc777f20ab9158193f2b0f
-
SHA512
2aa9a9b52fcdb22dcac496215402f5bd602b5d330b8e04d18998f2b6701d53b10f11f58911b3b5421b012513eed44175841cc736b002ad459bce64f1bfbbbb0b
-
SSDEEP
768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtI1:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgu
Behavioral task
behavioral1
Sample
2024-01-18_4db7c367ea37f008804eb942f19896a9_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-18_4db7c367ea37f008804eb942f19896a9_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-18_4db7c367ea37f008804eb942f19896a9_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-