Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-19_c5db8b49a28cfda9d8c86c54104e1e89_cryptolocker
-
Size
46KB
-
Sample
240219-ksww4sbh29
-
MD5
c5db8b49a28cfda9d8c86c54104e1e89
-
SHA1
01814312a96ffe0e53b191ab4f922ad1e0842e1f
-
SHA256
5a96a8532e438520585af48a3556508d8749deb013edcc8e619f6d2b0811b3f2
-
SHA512
3fac67df0e6a93989bdb5777e128cac4504973c7e8e6c61dd5dc527dc026bc2721b83d319762a532d6a993fceef87eb6374f870db7230a2cad8b59d9108e6022
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoN:qmbhXDmjr5MOtEvwDpj5cDtKkQZQT
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-19_c5db8b49a28cfda9d8c86c54104e1e89_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-19_c5db8b49a28cfda9d8c86c54104e1e89_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-19_c5db8b49a28cfda9d8c86c54104e1e89_cryptolocker
-
Size
46KB
-
MD5
c5db8b49a28cfda9d8c86c54104e1e89
-
SHA1
01814312a96ffe0e53b191ab4f922ad1e0842e1f
-
SHA256
5a96a8532e438520585af48a3556508d8749deb013edcc8e619f6d2b0811b3f2
-
SHA512
3fac67df0e6a93989bdb5777e128cac4504973c7e8e6c61dd5dc527dc026bc2721b83d319762a532d6a993fceef87eb6374f870db7230a2cad8b59d9108e6022
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoN:qmbhXDmjr5MOtEvwDpj5cDtKkQZQT
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-