General
Target: 2024-02-14_e720f9a94d663d5189e62b4edbeda70b_cryptolocker
Size: 98KB
Sample: 240214-krmbaafc24
MD5: e720f9a94d663d5189e62b4edbeda70b
SHA1: def5fca513a86563040f089e5c9644a7867392be
SHA256: 5efa5c49d989eef3eb972b6aa1552a486622abb537b1f8e11722eb433e1782de
SHA512: 5ca27ee35d00fb6c3dca7772d81ab6b3a0b97af95642a476384047cf48a33041cf112458de19bd5a041b11943a906eab2b0f69b20634eae11527957b8a9cd43c
SSDEEP: 1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpwqWsviPGF6:AnBdOOtEvwDpj6zd
Behavioral task: behavioral1
Sample: 2024-02-14_e720f9a94d663d5189e62b4edbeda70b_cryptolocker.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-02-14_e720f9a94d663d5189e62b4edbeda70b_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-14_e720f9a94d663d5189e62b4edbeda70b_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL