General
Target: 2024-02-23_1b94c4bdc8f7458ecaae08806c73eb95_cryptolocker
Size: 99KB
Sample: 240223-fbnf7abf63
MD5: 1b94c4bdc8f7458ecaae08806c73eb95
SHA1: 527b6438147888bcc26e6ae0e52018fa34d504a0
SHA256: 71feefca8da5f3558fe915cc5c6e490b8463d3334659dd998a2fa4b75d250156
SHA512: 0f75893c882275a1b4ec730ea2df88dcc9dedb57482c04289c465d8de43f8e8d62e264bde88ded73911e978521f444f775d49a78e7cf07385a4a4687c55e3983
SSDEEP: 1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpwqWsviPeOs:AnBdOOtEvwDpj6zq
Behavioral task: behavioral1
Sample: 2024-02-23_1b94c4bdc8f7458ecaae08806c73eb95_cryptolocker.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-02-23_1b94c4bdc8f7458ecaae08806c73eb95_cryptolocker.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Target: 2024-02-23_1b94c4bdc8f7458ecaae08806c73eb95_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL