Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-17_c483ff063146e1efe12403550600ee69_cryptolocker
-
Size
61KB
-
Sample
240217-jqa17acf4t
-
MD5
c483ff063146e1efe12403550600ee69
-
SHA1
cfe8ef09717ee1b99d37d2444730abbff7cac07f
-
SHA256
5a71ec0fca52d36a0fa5e7aedae9b26af9bb1741b896af3dc24890197ab5730a
-
SHA512
c5bf257d59d6819bd2ff53cabee3ea16f0f8745aea0ced57438e20cebd695b0abdb2336d8cfcf1f0cf28d42d65a20ecebf2b03877c36b46fc1d67994dfdbf1c7
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mnVs:zj+soPSMOtEvwDpj4kpmeLmnS
Behavioral task
behavioral1
Sample
2024-02-17_c483ff063146e1efe12403550600ee69_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-17_c483ff063146e1efe12403550600ee69_cryptolocker.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2024-02-17_c483ff063146e1efe12403550600ee69_cryptolocker
-
Size
61KB
-
MD5
c483ff063146e1efe12403550600ee69
-
SHA1
cfe8ef09717ee1b99d37d2444730abbff7cac07f
-
SHA256
5a71ec0fca52d36a0fa5e7aedae9b26af9bb1741b896af3dc24890197ab5730a
-
SHA512
c5bf257d59d6819bd2ff53cabee3ea16f0f8745aea0ced57438e20cebd695b0abdb2336d8cfcf1f0cf28d42d65a20ecebf2b03877c36b46fc1d67994dfdbf1c7
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mnVs:zj+soPSMOtEvwDpj4kpmeLmnS
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-