General
Target: 2024-02-23_fe80da3fe6edbfe96c5309a6ea33fa79_cryptolocker
Size: 46KB
Sample: 240223-nbat4aff84
MD5: fe80da3fe6edbfe96c5309a6ea33fa79
SHA1: f37d36280cdff8430e3e76302da8f00544c927e5
SHA256: 835fc146477dca9e2b930b0f8c474c653d0964b46bc0eff1c5b977376c343e77
SHA512: ffebc6baa9d670adf0702836c4696e3bde5749342cab67c715b0e799d8e2d03c8d64e4bc22bbd925f53bb19c3022aab3dfcbbf9d70b7bc359986db05b7203bb1
SSDEEP: 768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MobA:qmbhXDmjr5MOtEvwDpj5cDtKkQZQu
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-23_fe80da3fe6edbfe96c5309a6ea33fa79_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-23_fe80da3fe6edbfe96c5309a6ea33fa79_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
Target: 2024-02-23_fe80da3fe6edbfe96c5309a6ea33fa79_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL