Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-14_2868f806212c11a7976c3238a67cdb98_cryptolocker
-
Size
80KB
-
Sample
240214-nqgwysab85
-
MD5
2868f806212c11a7976c3238a67cdb98
-
SHA1
b5965929283b5655b0dee1182c3ee402ce4b8223
-
SHA256
3fd81deecc19fc44097040f7136aff63b6e67a07d10a929ab6f213a0a90343ca
-
SHA512
7ead7f661d46f941ebecd27bf523eda677c4c75050d830ca3cad0185b9ebf9c6b356f913092bfe8dde5295d0df7bd64834c0803ae9c19920bab3b787f72900fe
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBd08:T6a+rdOOtEvwDpjNtD
Behavioral task
behavioral1
Sample
2024-02-14_2868f806212c11a7976c3238a67cdb98_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-14_2868f806212c11a7976c3238a67cdb98_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-14_2868f806212c11a7976c3238a67cdb98_cryptolocker
-
Size
80KB
-
MD5
2868f806212c11a7976c3238a67cdb98
-
SHA1
b5965929283b5655b0dee1182c3ee402ce4b8223
-
SHA256
3fd81deecc19fc44097040f7136aff63b6e67a07d10a929ab6f213a0a90343ca
-
SHA512
7ead7f661d46f941ebecd27bf523eda677c4c75050d830ca3cad0185b9ebf9c6b356f913092bfe8dde5295d0df7bd64834c0803ae9c19920bab3b787f72900fe
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBd08:T6a+rdOOtEvwDpjNtD
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-