General
-
Target
2024-01-27_7db6369e78e2e7d2564171e37fc7b9d8_cryptolocker
-
Size
64KB
-
Sample
240127-yacbmsaef6
-
MD5
7db6369e78e2e7d2564171e37fc7b9d8
-
SHA1
759d037d2d47671d4b1be3b45b68cb72bd2e5996
-
SHA256
f6104f1e9db601a9ba884901c2bf518969337e44074212ab907c75fadc68a12c
-
SHA512
f40b361dd311a598a9aa4709746eb6e4b2655e4b9ba48a949557c3afd875c710dc3a7db3899d5c918724b28d4512c5f8beee65c8a000fa7358d1f2cf74fc44d5
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUa1Fu:T6a+rdOOtEvwDpjNO
Behavioral task
behavioral1
Sample
2024-01-27_7db6369e78e2e7d2564171e37fc7b9d8_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-27_7db6369e78e2e7d2564171e37fc7b9d8_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-