Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-04_d499605fb2c6887ebd12ef2174a14a53_cryptolocker
-
Size
82KB
-
Sample
240204-hfkxzaeagj
-
MD5
d499605fb2c6887ebd12ef2174a14a53
-
SHA1
ad2b9064e8cc23bec1691d7e976b4f71fd9d8fdf
-
SHA256
0abdcfc845e55da080bd9ae819a8b172a34fd4d00a972fbd578a0344b1848a8f
-
SHA512
a04569b6a42703b869346f93c1db7b9de461a5da9413cf3a4d03be8a979e051d77d648e71d55e8d18147cf0569ed97264523bdcadebd0fcee5735dbf77836fc6
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1kyJS1nz:zCsanOtEvwDpjJ
Behavioral task
behavioral1
Sample
2024-02-04_d499605fb2c6887ebd12ef2174a14a53_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-04_d499605fb2c6887ebd12ef2174a14a53_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-04_d499605fb2c6887ebd12ef2174a14a53_cryptolocker
-
Size
82KB
-
MD5
d499605fb2c6887ebd12ef2174a14a53
-
SHA1
ad2b9064e8cc23bec1691d7e976b4f71fd9d8fdf
-
SHA256
0abdcfc845e55da080bd9ae819a8b172a34fd4d00a972fbd578a0344b1848a8f
-
SHA512
a04569b6a42703b869346f93c1db7b9de461a5da9413cf3a4d03be8a979e051d77d648e71d55e8d18147cf0569ed97264523bdcadebd0fcee5735dbf77836fc6
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1kyJS1nz:zCsanOtEvwDpjJ
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-