Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-29_ad9ae251738e1c85e9311676ea835682_cryptolocker
-
Size
56KB
-
Sample
240129-gd43dscgdk
-
MD5
ad9ae251738e1c85e9311676ea835682
-
SHA1
cc181a00100abaedc6284cd121e5d3853b2f38c4
-
SHA256
65b3219b810189b8264c8cc81896aa2ac0240c4f8a6da2c39621d01e7aadef4b
-
SHA512
04b07bc76f1231093f67007339781df1afbebb957119526e4d9178bbe7bbfbde22e6cd16778d2bac7ac4b60fc4862490675997bd9757e7d339da17f0c7619557
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61s:BbdDmjr+OtEvwDpjMG
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-29_ad9ae251738e1c85e9311676ea835682_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-29_ad9ae251738e1c85e9311676ea835682_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-29_ad9ae251738e1c85e9311676ea835682_cryptolocker
-
Size
56KB
-
MD5
ad9ae251738e1c85e9311676ea835682
-
SHA1
cc181a00100abaedc6284cd121e5d3853b2f38c4
-
SHA256
65b3219b810189b8264c8cc81896aa2ac0240c4f8a6da2c39621d01e7aadef4b
-
SHA512
04b07bc76f1231093f67007339781df1afbebb957119526e4d9178bbe7bbfbde22e6cd16778d2bac7ac4b60fc4862490675997bd9757e7d339da17f0c7619557
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61s:BbdDmjr+OtEvwDpjMG
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-