General
Target
2024-02-20_72aee8a945ba8fc28330b0d674b90b77_cryptolocker
Size
89KB
Sample
240220-nqpa2agb72
MD5
72aee8a945ba8fc28330b0d674b90b77
SHA1
3ce61f2dbf228bd7093df9c5d3c652a99afde3b5
SHA256
addff22bf83f7cf2f2c7844cdc387a4cd56b0b80555ade6826c2c79f765e0e49
SHA512
952d14d9639f765019bb97942097e059ca1a9b9b4510bea39978a88955fd91eeef7572e5445da972861d396479c249faa753b93b3489cb77966d5390b7933824
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgdxN:AnBdOOtEvwDpj6z9
Behavioral task
behavioral1
Sample
2024-02-20_72aee8a945ba8fc28330b0d674b90b77_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-20_72aee8a945ba8fc28330b0d674b90b77_cryptolocker.exe
Resource
win10v2004-20240220-en
Malware Config
Targets
Target
2024-02-20_72aee8a945ba8fc28330b0d674b90b77_cryptolocker
Score
9/10

Detection of CryptoLocker Variants

Detection of Cryptolocker Samples

UPX dump on OEP (original entry point)

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL