General
Target: 2024-02-18_77604a2c7a05bd854b81a9e27c5724f7_cryptolocker
Size: 65KB
Sample: 240218-d8dbdadd5y
MD5: 77604a2c7a05bd854b81a9e27c5724f7
SHA1: 16140367d6c298578822ba45c537ace625c0aa96
SHA256: 8bca1ff5a4aad33378ef7c26187297cb0f85805dd5b726751ebc7d2c2a751b90
SHA512: 16f7b80b79e51ac533fdac4971e8525726abc76097c0999dbd7f11986facaa4cb6634af5a2c341b4465c2fa050cfc143e6cdfecb3345a646dc128e2569a3efc3
SSDEEP: 1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYjc3CBX:1nK6a+qdOOtEvwDpjsX
Behavioral task: behavioral1
Sample: 2024-02-18_77604a2c7a05bd854b81a9e27c5724f7_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-18_77604a2c7a05bd854b81a9e27c5724f7_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-18_77604a2c7a05bd854b81a9e27c5724f7_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL