General
Target: 2024-01-26_06c864b764d59b4b4f05d39fc7171b2e_cryptolocker
Size: 56KB
Sample: 240126-ctsxvaccb2
MD5: 06c864b764d59b4b4f05d39fc7171b2e
SHA1: 74afbdf27f7108ed0ed136810a78dd708be237df
SHA256: 309151278f65310dfe4156c365285fc4b7dc34dcf712f76e761dccd8d59a1526
SHA512: 9ca00be67a3b6250968eda23aaf084aa27faecab261fa6c7c20e40ebb84f88d3c2e469b5b1b006011b33cdfb87d9ffc2df72f70b1f01d74d63193df6d37417fa
SSDEEP: 768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpLzbO:zj+soPSMOtEvwDpj4yzbO
Behavioral task: behavioral1
Sample: 2024-01-26_06c864b764d59b4b4f05d39fc7171b2e_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-01-26_06c864b764d59b4b4f05d39fc7171b2e_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-26_06c864b764d59b4b4f05d39fc7171b2e_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL