General
-
Target
2024-02-03_95f91abd5aad398828d772291b74be7b_cryptolocker
-
Size
59KB
-
Sample
240203-kgv6fadbe2
-
MD5
95f91abd5aad398828d772291b74be7b
-
SHA1
52b74938d1aab25fed47c575bdf2010b658e1d29
-
SHA256
9200154c81fac0d1105fc064145d39a30d2bd149613211d75f7e092c5da1bde0
-
SHA512
891b24abee99d025717b78a1a3e347353d8b8f398bc7f94c868650096a929a0ed2e6e425db872f78e4df7fe6bd7e75ba4a5bdb34df73843e16ebecf50a183422
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgts+:BbdDmjr+OtEvwDpjM8m
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-03_95f91abd5aad398828d772291b74be7b_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-03_95f91abd5aad398828d772291b74be7b_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-02-03_95f91abd5aad398828d772291b74be7b_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-