General
Target: 2024-02-17_1e37e60a1651dddf2dbf07b94867e850_cryptolocker
Size: 71KB
Sample: 240217-2fb5lsbh36
MD5: 1e37e60a1651dddf2dbf07b94867e850
SHA1: 5a1accabcd8ba58d951b4dd19413f1758ba355e9
SHA256: ab13cfbeef94d29dab9f9156a867fa76fbe4eb590566a1a2bb0031fe90895105
SHA512: bfdb4b16c8001c5f081200bfc727a4fd4851413d340e53a88dc645f48d24de5f3a732cce09feb27c7c5a40db433e55f38e8452c998ee2827f60341c1ade18aa8
SSDEEP: 1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalC:1nK6a+qdOOtEvwDpjf
Behavioral task: behavioral1
Sample: 2024-02-17_1e37e60a1651dddf2dbf07b94867e850_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-17_1e37e60a1651dddf2dbf07b94867e850_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-17_1e37e60a1651dddf2dbf07b94867e850_cryptolocker
Score: 9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-