General
-
Target
2024-02-13_c6f6ba753258533fa3ad68e473538f41_cryptolocker
-
Size
94KB
-
Sample
240213-j4xr4sef53
-
MD5
c6f6ba753258533fa3ad68e473538f41
-
SHA1
5127e103a62706d8b16be1a8df1a49d7697e456a
-
SHA256
628dcd3d404bcd764c109594be652c5f7769c21e9461c9d250fa96c0615a0347
-
SHA512
89db464532d686172c68d011551ea3c86643603e3d22fda1273b8fb11f99bda5ab7dd75892a9e13908702d44ca2ce270781a57118bfa0a12cd4070cb8dab1fb6
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp015b:AnBdOOtEvwDpj6zH
Behavioral task
behavioral1
Sample
2024-02-13_c6f6ba753258533fa3ad68e473538f41_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-13_c6f6ba753258533fa3ad68e473538f41_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
2024-02-13_c6f6ba753258533fa3ad68e473538f41_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-