Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-25_599186367122c5efcf79fac473b30f4f_cryptolocker
-
Size
70KB
-
Sample
240125-rymzqahde3
-
MD5
599186367122c5efcf79fac473b30f4f
-
SHA1
fe1e1079ff4ecf63617d57c927ef96dcd9971326
-
SHA256
71e5377e6b5a8d673f6da3b73f9241c24c24fe508a6aab81e96a845027507194
-
SHA512
3b2591834d848c42b569ad5f25c51785739a603c287fb19bd180d8fa7e056ad3dcdcc45104f45d8469b4b752750af9ca1ac0c44cdbac5931ed6fceda8460812f
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalp:1nK6a+qdOOtEvwDpjI
Behavioral task
behavioral1
Sample
2024-01-25_599186367122c5efcf79fac473b30f4f_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-25_599186367122c5efcf79fac473b30f4f_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-25_599186367122c5efcf79fac473b30f4f_cryptolocker
-
Size
70KB
-
MD5
599186367122c5efcf79fac473b30f4f
-
SHA1
fe1e1079ff4ecf63617d57c927ef96dcd9971326
-
SHA256
71e5377e6b5a8d673f6da3b73f9241c24c24fe508a6aab81e96a845027507194
-
SHA512
3b2591834d848c42b569ad5f25c51785739a603c287fb19bd180d8fa7e056ad3dcdcc45104f45d8469b4b752750af9ca1ac0c44cdbac5931ed6fceda8460812f
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalp:1nK6a+qdOOtEvwDpjI
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-