General
Target: 2024-02-19_bde4c220ef924e3755ffe1d9281cd31a_cryptolocker
Size: 93KB
Sample: 240219-tdaj1afc8v
MD5: bde4c220ef924e3755ffe1d9281cd31a
SHA1: 76c90546bb64cd9010014a6ce2e8a56e35ba6d53
SHA256: 009218b51dfc7cc3235c3f8a10cb74e2e29a2b134db83ab76fca109421fbf658
SHA512: 349f19fd49011f37768d6457319e79fe516cd34d6ef9097f7b07507ea2bc6fbcb94a10ed325dbdf06617a9a46246c8e6b703cb5691c28a5124d09849eb7f7776
SSDEEP: 1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYM:AnBdOOtEvwDpj6ze
Behavioral task: behavioral1
Sample: 2024-02-19_bde4c220ef924e3755ffe1d9281cd31a_cryptolocker.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-19_bde4c220ef924e3755ffe1d9281cd31a_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-19_bde4c220ef924e3755ffe1d9281cd31a_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL