General
-
Target
2024-02-18_cdfb7ef0c116dd9ec2409b337b56cee0_cryptolocker
-
Size
125KB
-
Sample
240218-r5y1kabh43
-
MD5
cdfb7ef0c116dd9ec2409b337b56cee0
-
SHA1
3946ab6c3169406bc7efa2e255c562bc125ce360
-
SHA256
889abd290b440b07d6fbda9603893f221a04dbab168314f1a0798a3b63cfc934
-
SHA512
bbdcdf65f0ce7dacb2e14bf1f9a0b33da8428eaeed37ad389341d438c104c4c20aefd8e2af60e55fd500ce560743ce71c662ac165de92bdfaabab930d87d453a
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eU:AnBdOOtEvwDpj6za
Behavioral task
behavioral1
Sample
2024-02-18_cdfb7ef0c116dd9ec2409b337b56cee0_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-18_cdfb7ef0c116dd9ec2409b337b56cee0_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-18_cdfb7ef0c116dd9ec2409b337b56cee0_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-