General
-
Target
2024-01-28_9976ca13aeeffdeb9c4481c44ab34051_cryptolocker
-
Size
107KB
-
Sample
240128-zchrwabcam
-
MD5
9976ca13aeeffdeb9c4481c44ab34051
-
SHA1
1dde9c58a127cc5ac40b4d901f6fe4547b60f05e
-
SHA256
0a3ce3f28c20ae262d3330ee7c3f4ac231ca96de1beb7e5be69ad4f0acb50be4
-
SHA512
2935edb15f7d28a8978ee6c29113a1bcc2710671a0a91229e3fd8014cb106aaec0b293961c0cedd0ff5dffb57ed8fafdb44e26124b3a24d9f8b7635104ed699f
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6GksgEG:1nK6a+qdOOtEvwDpj0
Behavioral task
behavioral1
Sample
2024-01-28_9976ca13aeeffdeb9c4481c44ab34051_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-28_9976ca13aeeffdeb9c4481c44ab34051_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-28_9976ca13aeeffdeb9c4481c44ab34051_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-