General
-
Target
2024-01-19_192ebbc4d44e5b4857359cd32e303511_cryptolocker
-
Size
115KB
-
Sample
240119-lz81pabebm
-
MD5
192ebbc4d44e5b4857359cd32e303511
-
SHA1
70a674d1106c83fef7d71c39cf20b5bc56dca428
-
SHA256
fbb3c2808cd24c8c694775b556fb89abce93cc2f21fba37a43bc06417b70d1e5
-
SHA512
6cc27fa6834452b16fc55d2ca201e37fc8169bdefe9178c4abc461e48f49bc6b0d8ed9fb0b0d8690772d7832b7b26f43d585f98272928d5e269e079e09663330
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjCGYQbN/PKwNgerar/P:T6a+rdOOtEvwDpjLzq
Behavioral task
behavioral1
Sample
2024-01-19_192ebbc4d44e5b4857359cd32e303511_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-19_192ebbc4d44e5b4857359cd32e303511_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
2024-01-19_192ebbc4d44e5b4857359cd32e303511_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-