Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-29_1d4ebb9e1587421a497d7297b840cd35_cryptolocker
-
Size
77KB
-
Sample
240129-nkcp2sabbl
-
MD5
1d4ebb9e1587421a497d7297b840cd35
-
SHA1
556cf245f834403206f5b7b6db0b4a33df98b2be
-
SHA256
df52b85187aac34c21e964818ca10d4c27d071e4339922ca325363764229a4d8
-
SHA512
8f9666dc19d8899d45bce5d8341e34fa93a013c3df42a092876dd7cac45c3fd59a7a049fda845fbbc273dc623dab31362906216ce64fd39c96063a87a991d966
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOA+YSP75:T6a+rdOOtEvwDpjNb
Behavioral task
behavioral1
Sample
2024-01-29_1d4ebb9e1587421a497d7297b840cd35_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-29_1d4ebb9e1587421a497d7297b840cd35_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-29_1d4ebb9e1587421a497d7297b840cd35_cryptolocker
-
Size
77KB
-
MD5
1d4ebb9e1587421a497d7297b840cd35
-
SHA1
556cf245f834403206f5b7b6db0b4a33df98b2be
-
SHA256
df52b85187aac34c21e964818ca10d4c27d071e4339922ca325363764229a4d8
-
SHA512
8f9666dc19d8899d45bce5d8341e34fa93a013c3df42a092876dd7cac45c3fd59a7a049fda845fbbc273dc623dab31362906216ce64fd39c96063a87a991d966
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOA+YSP75:T6a+rdOOtEvwDpjNb
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-